CVE-2024-33272 | autosuggest Module up to 1.x on PrestaShop initContent sql injection

Posted by Angelo Barbosa | Apr 29, 2024 | CVE

A vulnerability classified as critical has been found in autosuggest Module up to 1.x on PrestaShop. Affected is the function AutosuggestSearchModuleFrontController::initContent. The manipulation leads to sql injection.

This vulnerability is traded as CVE-2024-33272. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-33272 | autosuggest Module up to 1.x on PrestaShop initContent sql injection

Related Posts

CVE-2023-52760 | Linux Kernel up to 6.6.2 gfs2_put_super use after free (08a28272faa7/bdcb8aa434c6)

CVE-2024-39570 | Siemens SINEMA Remote Connect Server up to 3.2 VXLAN Configuration command injection (ssa-928781)

CVE-2024-43902 | Linux Kernel up to 5.15.164/6.1.104/6.6.45/6.10.4 AMD Display null pointer dereference

CVE-2024-30809 | Axiomatic Bento4 1.6.0-641-2-g1529b83 Ap4Sample.h AP4_Sample::GetOffset denial of service