CVE-2024-28392 | pscartabandonmentpro up to 2.0.11 on PrestaShop setEmailVisualized sql injection

Posted by Angelo Barbosa | Mar 20, 2024 | CVE

A vulnerability, which was classified as critical, was found in pscartabandonmentpro up to 2.0.11 on PrestaShop. Affected is the function pscartabandonmentproFrontCAPUnsubscribeJobModuleFrontController::setEmailVisualized. The manipulation leads to sql injection.

This vulnerability is traded as CVE-2024-28392. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-28392 | pscartabandonmentpro up to 2.0.11 on PrestaShop setEmailVisualized sql injection

Related Posts

CVE-2024-2338 | Dalibo PostgreSQL Anonymizer up to 1.2.x sql injection

CVE-2024-45002 | Linux Kernel up to 6.1.106/6.6.47/6.10.6 osnoise_free_top null pointer dereference

CVE-2024-9824 | ImagePress Plugin up to 1.2.2 on WordPress authorization

CVE-2023-6645 | Post Grid Combo Plugin up to 2.2.64 on WordPress cross site scripting