CVE-2024-33276
April 29, 2024, 8:15 p.m.
Tags
Product(s) Impacted
FME Modules preorderandnotication
- 3.1.0 and before
Description
SQL Injection vulnerability in FME Modules preorderandnotication v.3.1.0 and before allows a remote attacker to run arbitrary SQL commands via the PreorderModel::getIdProductAttributesByIdAttributes() method.
Weaknesses
Date
Published: April 29, 2024, 8:15 p.m.
Last Modified: April 29, 2024, 8:15 p.m.
Status : Received
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
cve@mitre.org
References
https://security.friendsofpresta.org/
cve@mitre.org