SecuriTricks - CVE-2024-34990

Product(s) Impacted

PrestaShop Help Desk - Customer Support Management System (helpdesk) module

up to 2.4.0

Description

In the module "Help Desk - Customer Support Management System" (helpdesk) up to version 2.4.0 from FME Modules for PrestaShop, a customer can upload .php files. Methods `HelpdeskHelpdeskModuleFrontController::submitTicket()` and `HelpdeskHelpdeskModuleFrontController::replyTicket()` allow upload of .php files on a predictable path for connected customers.

Weaknesses

Date

Published: June 19, 2024, 9:15 p.m.

Last Modified: June 19, 2024, 9:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

CVE-2024-34990

Tags

Product(s) Impacted

Description

Weaknesses

Date

Status : Received

Source

References

CVE-2024-34990

Tags

Product(s) Impacted

Description

Weaknesses

Date

Status : Received

Source

References

Share