CVE-2024-33276

CVE-2024-33276 affects the FME Modules preorderandnotication (versions 3.1.0 and earlier). The root cause is a SQL injection in PreorderModel::getIdProductAttributesByIdAttributes(), enabling remote attackers to execute arbitrary SQL commands. Documents do not specify a patch version or concrete ...

PT-2024-25187 · Unknown · Fme Modules Preorderandnotication

Name of the Vulnerable Software and Affected Versions: FME Modules preorderandnotication versions 3.1.0 and earlier Description: The issue allows a remote attacker to execute arbitrary SQL commands via the PreorderModel::getIdProductAttributesByIdAttributes method. This enables the attacker to...

PrestaShop SQL注入漏洞

PrestaShop is an open source e-commerce solution from the American company PrestaShop. The solution provides multiple payment methods, short message alerts and product image zoom and other features. A SQL injection vulnerability exists in PrestaShop preorderandnotication 3.1.0 and earlier version...

CVE-2024-33276

SQL Injection vulnerability in FME Modules preorderandnotication v.3.1.0 and before allows a remote attacker to run arbitrary SQL commands via the PreorderModel::getIdProductAttributesByIdAttributes method...