Security Advisory

CVE-2024-25849

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-03-08 00:00:00

Last updated 2025-04-16 15:51:24

Assigner mitre

State PUBLISHED

Description

In the module "Make an offer" (makeanoffer) <= 1.7.1 from PrestaToolKit for PrestaShop, a guest can perform SQL injection via MakeOffers::checkUserExistingOffer()` and `MakeOffers::addUserOffer()` .

← Browse all CVEs View on cve.org ↗