Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

RedhatCVE
RedhatCVEadded 2025/05/23 9:30 a.m.4 views

CVE-2024-36681

SQL Injection vulnerability in the module "Isotope" pkisotope =1.7.3 from Promokit.eu for PrestaShop allows attackers to obtain sensitive information and cause other impacts via pkisotope::saveData and pkisotope::removeData methods...

9.8CVSS7.6AI score0.00062EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 9:24 a.m.0 views

CVE-2024-36684

In the module "Custom links" pkcustomlinks = 2.3 from Promokit.eu for PrestaShop, a guest can perform SQL injection. The script ajax.php have a sensitive SQL call that can be executed with a trivial http call and exploited to forge a SQL injection...

9.8CVSS5.9AI score0.00808EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 9:24 a.m.0 views

CVE-2024-36678

In the module "Theme settings" pkthemesettings = 1.8.8 from Promokit.eu for PrestaShop, a guest can perform SQL injection. The script ajax.php have a sensitive SQL call that can be executed with a trivial http call and exploited to forge a SQL injection...

9.8CVSS5.9AI score0.00277EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 8:17 a.m.0 views

CVE-2024-36680

In the module "Facebook" pkfacebook =1.0.1 from Promokit.eu for PrestaShop, a guest can perform SQL injection. The ajax script facebookConnect.php have a sensitive SQL call that can be executed with a trivial http call and exploited to forge a SQL injection...

7.5CVSS5.9AI score0.00302EPSS
Exploits0References1
Wallarm Lab
Wallarm Labadded 2024/06/26 10:45 p.m.34 views

CVE-2024-36680: SQL Injection Vulnerability in Facebook’s PrestaShop Module Exposes Thousands of E-commerce Sites to Credit Card Fraud

SQL Injection Exposure in Promokit.eu Threatens Facebook's PrestaShop Customers PrestaShop is a free, open-source E-commerce platform launched in 2007. Built with PHP and MySQL, it offers customizable, scalable solutions for online stores. Features include product management, inventory tracking,...

7.5CVSS7.7AI score0.00302EPSS
Exploits2
VulnCheck KEV
VulnCheck KEVadded 2024/06/24 12:0 a.m.0 views

VulnCheck KEV: CVE-2024-36680

In the module Facebook pkfacebook =1.0.1 from Promokit.eu for PrestaShop, a guest can perform SQL injection. The ajax script facebookConnect.php have a sensitive SQL call that can be executed with a trivial http call and exploited to forge a SQL injection...

7.5CVSS5.9AI score0.00302EPSS
Exploits0References1
CVE
CVEadded 2024/06/24 12:0 a.m.51 views

CVE-2024-36682

CVE-2024-36682 affects the PrestaShop module Theme settings (pk_themesettings) version

7.5CVSS7AI score0.00284EPSS
Exploits0References1
OSV
OSVadded 2024/06/19 9:15 p.m.0 views

CVE-2024-36678

In the module "Theme settings" pkthemesettings = 1.8.8 from Promokit.eu for PrestaShop, a guest can perform SQL injection. The script ajax.php have a sensitive SQL call that can be executed with a trivial http call and exploited to forge a SQL injection...

9.8CVSS5.8AI score
Exploits0References1
OSV
OSVadded 2024/06/19 9:15 p.m.0 views

CVE-2024-36684

In the module "Custom links" pkcustomlinks = 2.3 from Promokit.eu for PrestaShop, a guest can perform SQL injection. The script ajax.php have a sensitive SQL call that can be executed with a trivial http call and exploited to forge a SQL injection...

9.8CVSS5.8AI score0.00808EPSS
Exploits0References1
Rows per page
Query Builder