4 matches found
CVE-2024-36684
In the module "Custom links" pkcustomlinks = 2.3 from Promokit.eu for PrestaShop, a guest can perform SQL injection. The script ajax.php have a sensitive SQL call that can be executed with a trivial http call and exploited to forge a SQL injection...
CVE-2024-36684
CVE-2024-36684 affects the PrestaShop module “Custom links” (pk_customlinks) up to version 2.3 from Promokit.eu. The issue enables a Guest to perform SQL injection via the script ajax.php, which contains a sensitive SQL call that can be triggered with a trivial HTTP request. The documented impact...
CVE-2024-36684
In the module "Custom links" pkcustomlinks = 2.3 from Promokit.eu for PrestaShop, a guest can perform SQL injection. The script ajax.php have a sensitive SQL call that can be executed with a trivial http call and exploited to forge a SQL injection...
CVE-2024-36684
In the module "Custom links" pkcustomlinks = 2.3 from Promokit.eu for PrestaShop, a guest can perform SQL injection. The script ajax.php have a sensitive SQL call that can be executed with a trivial http call and exploited to forge a SQL injection...