CVE-2024-33275

2024-04-3000:00:00

mitre

www.cve.org

sql injection

webbax supernewsletter

remote attacker

privileges

super newsletter module

product_search.php components

AI Score

8.1

Confidence

Low

EPSS

Percentile

9.0%

JSON

SQL injection vulnerability in Webbax supernewsletter v.1.4.21 and before allows a remote attacker to escalate privileges via the Super Newsletter module in the product_search.php components.

References

security.friendsofpresta.org/modules/2024/04/29/supernewsletter.html

www.webbax.ch/2017/08/30/9-modules-prestashop-gratuits-offert-par-webbax/