3 matches found
CVE-2024-28395
SQL injection vulnerability in Best-Kit bestkitpopup v.1.7.2 and before allows a remote attacker to escalate privileges via the bestkitpopup.php component...
CVE-2024-28395
CVE-2024-28395 affects Best-Kit Best-Kit Pop-up (bestkit_popup) for PrestaShop, with vulnerable versions 1.7.2 and earlier. Root cause is an SQL injection in bestkit_popup.php that enables remote privilege escalation. CVSSv3.1 details: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, yielding a base score of...
CVE-2024-28395
SQL injection vulnerability in Best-Kit bestkitpopup v.1.7.2 and before allows a remote attacker to escalate privileges via the bestkitpopup.php component...