CVE-2024-34994

June 19, 2024, 9:15 p.m.

Tags

cve@mitre.org
2024-06-19
CVE-2024-34994

Product(s) Impacted

PrestaShop Channable module

  • up to 3.2.1

Description

In the module "Channable" (channable) up to version 3.2.1 from Channable for PrestaShop, a guest can perform SQL injection via `ChannableFeedModuleFrontController::postProcess()`.

Weaknesses

Date

Published: June 19, 2024, 9:15 p.m.

Last Modified: June 19, 2024, 9:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References

https://github.com/friends-of-presta/security-advisories/blob/main/_posts/2024-06-18-channable.md
cve@mitre.org