CVE-2024-34989

June 21, 2024, 10:15 p.m.

Tags

cve@mitre.org
2024-06-21
CVE-2024-34989

Product(s) Impacted

PrestaShop

  • <= 7.0.0

Description

In the module RSI PDF/HTML catalog evolution (prestapdf) <= 7.0.0 from RSI for PrestaShop, a guest can perform SQL injection via `PrestaPDFProductListModuleFrontController::queryDb().'

Weaknesses

Date

Published: June 21, 2024, 10:15 p.m.

Last Modified: June 21, 2024, 10:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References

https://security.friendsofpresta.org/modules/2024/06/20/prestapdf.html
cve@mitre.org