Security Advisory

CVE-2024-34990

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-06-19 00:00:00

Last updated 2024-08-02 03:07:46

Assigner mitre

State PUBLISHED

Description

In the module "Help Desk - Customer Support Management System" (helpdesk) up to version 2.4.0 from FME Modules for PrestaShop, a customer can upload .php files. Methods `HelpdeskHelpdeskModuleFrontController::submitTicket()` and `HelpdeskHelpdeskModuleFrontController::replyTicket()` allow upload of .php files on a predictable path for connected customers.

← Browse all CVEs View on cve.org ↗