8Mar
CVE-2024-25849 | Make an Offer Module up to 1.7.1 on PrestaShop addUserOffer sql injection
A vulnerability was found in Make an Offer Module up to 1.7.1 on PrestaShop. It has been rated as critical. Affected by this issue is the functionMakeOffers::checkUserExistingOffer/MakeOffers::addUserOffer
. The manipulation leads to sql injection.
This vulnerability is handled as CVE-2024-25849. Access to the local network is required for this attack to succeed. There is no exploit available.