CVE-2024-28388

Published: 2024-03-14T03:15Z

Last Modified: 2024-11-21T09:06Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

SQL injection vulnerability in SunnyToo stproductcomments module for PrestaShop v.1.0.5 and before, allows a remote attacker to escalate privileges and obtain sensitive information via the StProductCommentClass::getListcomments method. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt