2 matches found
CVE-2024-36679
In the module "Module Live Chat Pro All in One Messaging" livechatpro =8.4.0, a guest can perform PHP Code injection. Due to a predictable token, the method Lcp::saveTranslations suffer of a white writer that can inject PHP code into a PHP file...
CVE-2024-36679
CVE-2024-36679 affects Module Live Chat Pro (All in One Messaging) for PrestaShop, versions