CVE-2024-24303 | HiPresta Gift Wrapping Pro Module up to 1.4.0 on PrestaShop addGiftWrappingCartValue sql injection

Posted by Angelo Barbosa | Feb 7, 2024 | CVE

A vulnerability, which was classified as critical, was found in HiPresta Gift Wrapping Pro Module up to 1.4.0 on PrestaShop. This affects the function HiAdvancedGiftWrappingGiftWrappingModuleFrontController::addGiftWrappingCartValue. The manipulation leads to sql injection.

This vulnerability is uniquely identified as CVE-2024-24303. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-24303 | HiPresta Gift Wrapping Pro Module up to 1.4.0 on PrestaShop addGiftWrappingCartValue sql injection

Related Posts

CVE-2024-29650 | thi.ng paths up to 5.1.62 mut/mutInManyUnsafe Privilege Escalation

CVE-2023-23324 | Zumtobel Netlink CCD Onboard up to 3.80 hard-coded credentials

CVE-2024-9521 | SEO Manager Plugin up to 1.9 on WordPress Post Meta cross site scripting

CVE-2023-36647 | ProLion CryptoSpike 3.0.15P2 REST API Endpoint hard-coded key