CVE-2024-33268

SQL Injection vulnerability in Digincube mdgiftproduct before 1.4.1 allows an attacker to run arbitrary SQL commands via the MdGiftRule::addGiftToCart method...

CVE-2024-33268

SQL Injection vulnerability in Digincube mdgiftproduct before 1.4.1 allows an attacker to run arbitrary SQL commands via the MdGiftRule::addGiftToCart method...

CVE-2024-33268

SQL Injection vulnerability in Digincube mdgiftproduct before 1.4.1 allows an attacker to run arbitrary SQL commands via the MdGiftRule::addGiftToCart method...

PT-2024-25179 · Digincube · Mdgiftproduct

Name of the Vulnerable Software and Affected Versions: Digincube mdgiftproduct versions prior to 1.4.1 Description: The issue allows an attacker to run arbitrary SQL commands via the MdGiftRule::addGiftToCart method. This enables the execution of unauthorized database queries, potentially leading...

CVE-2024-33268

CVE-2024-33268 affects Digincube mdgiftproduct prior to 1.4.1. The root cause is a SQL injection via MdGiftRule::addGiftToCart, enabling an attacker to execute arbitrary SQL commands against the database. Impact is described as high/critical in sources; exploitation details are not provided beyon...

CVE-2024-33268

SQL Injection vulnerability in Digincube mdgiftproduct before 1.4.1 allows an attacker to run arbitrary SQL commands via the MdGiftRule::addGiftToCart method...