Skip to main content

B2B Quick Order Form

1 CVEs product

Monthly

CVE-2024-28391 CRITICAL PATCH Act Now

SQL injection vulnerability in FME Modules quickproducttable module for PrestaShop v.1.2.1 and before, allows a remote attacker to escalate privileges and obtain information via the readCsv(),. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation SQLi B2B Quick Order Form
NVD
CVSS 3.1
9.8
EPSS
0.6%
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

SQL injection vulnerability in FME Modules quickproducttable module for PrestaShop v.1.2.1 and before, allows a remote attacker to escalate privileges and obtain information via the readCsv(),. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation SQLi B2B Quick Order Form
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy