CVE-2024-28392 | pscartabandonmentpro up to 2.0.11 on PrestaShop setEmailVisualized sql injection

Posted by Angelo Barbosa | Mar 20, 2024 | CVE

A vulnerability, which was classified as critical, was found in pscartabandonmentpro up to 2.0.11 on PrestaShop. Affected is the function pscartabandonmentproFrontCAPUnsubscribeJobModuleFrontController::setEmailVisualized. The manipulation leads to sql injection.

This vulnerability is traded as CVE-2024-28392. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-28392 | pscartabandonmentpro up to 2.0.11 on PrestaShop setEmailVisualized sql injection

Related Posts

CVE-2023-4224 | Chamilo LMS up to 1.11.24 dropbox.ajax.php unrestricted upload

CVE-2023-46840 | Xen Device access control

CVE-2024-7888 | Classified Listing Plugin up to 3.1.7 on WordPress authorization

CVE-2024-31974 | Solarized FireDown Browser & Downloader 1.0.76 on Android WebView permission