exploitDog

GHSA-8c9m-4jp4-hh84

Опубликовано: 08 мар. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

In the module "Make an offer" (makeanoffer) <= 1.7.1 from PrestaToolKit for PrestaShop, a guest can perform SQL injection via MakeOffers::checkUserExistingOffer()andMakeOffers::addUserOffer()` .

In the module "Make an offer" (makeanoffer) <= 1.7.1 from PrestaToolKit for PrestaShop, a guest can perform SQL injection via MakeOffers::checkUserExistingOffer()andMakeOffers::addUserOffer()` .

Ссылки

EPSS

Процентиль: 24%

0.00083

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2024-25849

CVSS3: 9.8

nvd

почти 2 года назад

In the module "Make an offer" (makeanoffer) <= 1.7.1 from PrestaToolKit for PrestaShop, a guest can perform SQL injection via MakeOffers::checkUserExistingOffer()` and `MakeOffers::addUserOffer()` .

EPSS

Процентиль: 24%

0.00083

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89