CVE-2024-33272
April 29, 2024, 8:15 p.m.
Tags
Product(s) Impacted
PrestaShop KnowBand autosuggest
- before 2.0.0
Description
SQL injection vulnerability in KnowBand for PrestaShop autosuggest before 2.0.0 allows an attacker to run arbitrary SQL commands via the AutosuggestSearchModuleFrontController::initContent(), and AutosuggestSearchModuleFrontController::getKbProducts() components.
Weaknesses
Date
Published: April 29, 2024, 8:15 p.m.
Last Modified: April 29, 2024, 8:15 p.m.
Status : Received
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
cve@mitre.org
References
https://security.friendsofpresta.org/
cve@mitre.org