CVE-2024-24307 | Product Designer Module prior 1.178.36 on PrestaShop ajaxProcessCropImage path traversal

Posted by Angelo Barbosa | Mar 3, 2024 | CVE

A vulnerability was found in Product Designer Module on PrestaShop. It has been declared as critical. This vulnerability affects the function ajaxProcessCropImage. The manipulation leads to path traversal.

This vulnerability was named CVE-2024-24307. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-24307 | Product Designer Module prior 1.178.36 on PrestaShop ajaxProcessCropImage path traversal

Related Posts

CVE-2024-47481 | Dell Data Lakehouse 1.0.0.0/1.1.0.0 access control (dsa-2024-419)

CVE-2024-6677 | Citrix uberAgent up to 7.2.0 privileges management (CTX691103)

CVE-2024-31138 | JetBrains TeamCity prior 2024.03 Agent Distribution Settings cross site scripting

CVE-2024-9914 | D-Link DIR-619L B1 2.06 formSetWizardSelectMode curTime buffer overflow