CVE-2024-28388

SQL injection vulnerability in SunnyToo stproductcomments module for PrestaShop v.1.0.5 and before, allows a remote attacker to escalate privileges and obtain sensitive information via the StProductCommentClass::getListcomments method...

CVE-2024-28388

SQL injection vulnerability in SunnyToo stproductcomments module for PrestaShop v.1.0.5 and before, allows a remote attacker to escalate privileges and obtain sensitive information via the StProductCommentClass::getListcomments method...

Sql injection

SQL injection vulnerability in SunnyToo stproductcomments module for PrestaShop v.1.0.5 and before, allows a remote attacker to escalate privileges and obtain sensitive information via the StProductCommentClass::getListcomments method...

CVE-2024-28388

The CVE-2024-28388 vulnerability affects SunnyToo stproductcomments module for PrestaShop up to version 1.0.5 and earlier, due to a SQL injection in StProductCommentClass::getListcomments. The issue can allow a remote attacker to escalate privileges and exfiltrate sensitive information, with CVSS...

PT-2024-22407 · Unknown · Sunnytoo Stproductcomments +1

Name of the Vulnerable Software and Affected Versions: SunnyToo stproductcomments module for PrestaShop versions 1.0.5 and earlier Description: The issue allows a remote attacker to escalate privileges and obtain sensitive information via the StProductCommentClass::getListcomments method. This is...

PrestaShop SQL Injection Vulnerability

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, short message alerts, and product image scaling. A SQL injection vulnerability exists in PrestaShop stproductcomments v.1.0.5 and earlier versions, which...