CVE-2024-33268
CVE-2024-33268 affects Digincube mdgiftproduct prior to 1.4.1. The root cause is a SQL injection via MdGiftRule::addGiftToCart, enabling an attacker to execute arbitrary SQL commands against the database. Impact is described as high/critical in sources; exploitation details are not provided beyon...