CVE-2024-33274
CVE-2024-33274 describes a Directory Traversal in PrestaShop’s FME Modules customfields (v2.2.7 and earlier). The vulnerability is triggered via the ajax.php endpoint’s parameter referenced as "Custom Checkout Fields, Add Custom Fields to Checkout", allowing a remote attacker to obtain sensitive ...