CVE-2024-33268 | Digincube mdgiftproduct Module up to 1.4.0 on PrestaShop addGiftToCart sql injection

Inserito da Angelo Barbosa | Apr 29, 2024 | CVE

A vulnerability, which was classified as critical, was found in Digincube mdgiftproduct Module up to 1.4.0 on PrestaShop. This affects the function MdGiftRule::addGiftToCart. The manipulation leads to sql injection.

This vulnerability is uniquely identified as CVE-2024-33268. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-33268 | Digincube mdgiftproduct Module up to 1.4.0 on PrestaShop addGiftToCart sql injection

Post correlati

CVE-2024-2476 | OceanWP Plugin up to 3.5.4 on WordPress file inclusion

CVE-2024-8037 | Canonical Juju up to 2.9.50/3.1.9/3.3.6/3.4.5/3.5.3 Unix Domain Socket agent.socket Local Privilege Escalation (GHSA-8v4w-f4r9-7h6x)

CVE-2023-48329 | CodeBard Fast Custom Social Share by Plugin up to 1.1.1 on WordPress cross site scripting

CVE-2024-33561 | 8theme XStore Plugin up to 9.3.8 on WordPress authorization