CVE-2024-28393 | scalapay up to 1.2.41 on PrestaShop postProcess sql injection

Inserito da Angelo Barbosa | Mar 25, 2024 | CVE

A vulnerability, which was classified as critical, was found in scalapay up to 1.2.41 on PrestaShop. This affects the function ScalapayReturnModuleFrontController::postProcess. The manipulation leads to sql injection.

This vulnerability is uniquely identified as CVE-2024-28393. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2024-28393 | scalapay up to 1.2.41 on PrestaShop postProcess sql injection

Post correlati

CVE-2021-46968 | Linux Kernel up to 5.10.35/5.11.19/5.12.2 zcrypt memory leak

CVE-2024-31839 | tiagorlampert CHAOS 5.0.1 handler.go sendCommandHandler cross site scripting

CVE-2024-39020 | idcCMS 1.35 vpsApiData_deal.php cross-site request forgery

CVE-2024-6804 | Jeg Elementor Kit Plugin up to 2.6.7 on WordPress SVG File cross site scripting