CVE-2024-24303 | HiPresta Gift Wrapping Pro Module up to 1.4.0 on PrestaShop addGiftWrappingCartValue sql injection

Posted by Angelo Barbosa | Feb 7, 2024 | CVE

A vulnerability, which was classified as critical, was found in HiPresta Gift Wrapping Pro Module up to 1.4.0 on PrestaShop. This affects the function HiAdvancedGiftWrappingGiftWrappingModuleFrontController::addGiftWrappingCartValue. The manipulation leads to sql injection.

This vulnerability is uniquely identified as CVE-2024-24303. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-24303 | HiPresta Gift Wrapping Pro Module up to 1.4.0 on PrestaShop addGiftWrappingCartValue sql injection

Related Posts

CVE-2024-25699 | Esri Portal for ArcGIS up to 11.2 improper authentication

CVE-2023-31654 | Redis Raft up to master-7b46079 alloc.c hiredisAllocFns Privilege Escalation (Issue 600)

CVE-2024-1328 | Newsletter2Go Plugin up to 4.0.13 on WordPress Style cross site scripting

CVE-2023-50585 | Tenda A18 15.13.07.09 formSetDeviceName devName stack-based overflow