CVE-2024-33268

SQL Injection vulnerability in Digincube mdgiftproduct before 1.4.1 allows an attacker to run arbitrary SQL commands via the MdGiftRule::addGiftToCart method...

PT-2024-25179 · Digincube · Mdgiftproduct

Name of the Vulnerable Software and Affected Versions: Digincube mdgiftproduct versions prior to 1.4.1 Description: The issue allows an attacker to run arbitrary SQL commands via the MdGiftRule::addGiftToCart method. This enables the execution of unauthorized database queries, potentially leading...

CVE-2024-33268

CVE-2024-33268 affects Digincube mdgiftproduct prior to 1.4.1. The root cause is a SQL injection via MdGiftRule::addGiftToCart, enabling an attacker to execute arbitrary SQL commands against the database. Impact is described as high/critical in sources; exploitation details are not provided beyon...

PrestaShop SQL注入漏洞

PrestaShop is an open source e-commerce solution from the American company PrestaShop. The solution provides multiple payment methods, short message alerts, and product image scaling. A SQL injection vulnerability exists in PrestaShop mdgiftproduct versions prior to 1.4.1, which originates from...