CVE-2024-34989

2024-06-2100:00:00

mitre

github.com

rsi catalog prestashop sqlinjection

8 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

In the module RSI PDF/HTML catalog evolution (prestapdf) <= 7.0.0 from RSI for PrestaShop, a guest can perform SQL injection via `PrestaPDFProductListModuleFrontController::queryDb().’

References

security.friendsofpresta.org/modules/2024/06/20/prestapdf.html