CVE-2024-24307 | Product Designer Module prior 1.178.36 on PrestaShop ajaxProcessCropImage path traversal

Posted by Angelo Barbosa | Mar 3, 2024 | CVE

A vulnerability was found in Product Designer Module on PrestaShop. It has been declared as critical. This vulnerability affects the function ajaxProcessCropImage. The manipulation leads to path traversal.

This vulnerability was named CVE-2024-24307. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-24307 | Product Designer Module prior 1.178.36 on PrestaShop ajaxProcessCropImage path traversal

Related Posts

CVE-2024-44973 | Linux Kernel up to 6.10.4 mm/slub.c do_slab_free denial of service (b35cd7f1e969/a371d558e6f3)

CVE-2023-22383 | Qualcomm 855 Mobile Platform Camera memory corruption

CVE-2024-45613 | CKeditor5 up to 43.1.0 Clipboard Package cross site scripting (GHSA-rgg8-g5x8-wr9v)

CVE-2024-20808 | Samsung Mobile Nearby Device Scanning prior 11.1.14.7 access control