5 matches found
CVE-2024-36679
In the module "Module Live Chat Pro All in One Messaging" livechatpro =8.4.0, a guest can perform PHP Code injection. Due to a predictable token, the method Lcp::saveTranslations suffer of a white writer that can inject PHP code into a PHP file...
CVE-2024-36679
CVE-2024-36679 affects Module Live Chat Pro (All in One Messaging) for PrestaShop, versions
PT-2024-27122 · Unknown · Module Live Chat Pro
Name of the Vulnerable Software and Affected Versions: Module Live Chat Pro All in One Messaging versions prior to 8.4.0 Description: The issue allows a guest to perform PHP code injection due to a predictable token. The method Lcp::saveTranslations is vulnerable, enabling the injection of PHP co...
CVE-2024-36679
In the module "Module Live Chat Pro All in One Messaging" livechatpro =8.4.0, a guest can perform PHP Code injection. Due to a predictable token, the method Lcp::saveTranslations suffer of a white writer that can inject PHP code into a PHP file...
CVE-2024-36679
In the module "Module Live Chat Pro All in One Messaging" livechatpro =8.4.0, a guest can perform PHP Code injection. Due to a predictable token, the method Lcp::saveTranslations suffer of a white writer that can inject PHP code into a PHP file...