Today > vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-36677

June 19, 2024, 9:15 p.m.

Tags

cve@mitre.org
2024-06-19
CVE-2024-36677

Product(s) Impacted

PrestaShop

  • <1.2.7

Description

In the module "Login as customer PRO" (loginascustomerpro) <1.2.7 from Weblir for PrestaShop, a guest can access direct link to connect to each customer account of the Shop if the module is not installed OR if a secret accessible to administrator is stolen.

Weaknesses

Date

Published: June 19, 2024, 9:15 p.m.

Last Modified: June 19, 2024, 9:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References

https://security.friendsofpresta.org/ cve@mitre.org