14Mar
CVE-2024-28391 | quickproducttable Module up to 1.2.1 on PrestaShop sql injection
A vulnerability classified as critical has been found in quickproducttable Module up to 1.2.1 on PrestaShop. Affected is the functionreadCsv/displayAjaxProductChangeAttr/displayAjaxProductAddToCart/getSearchProducts/displayAjaxProductSku
. The manipulation leads to sql injection.
This vulnerability is traded as CVE-2024-28391. It is possible to launch the attack remotely. There is no exploit available.