CVE-2024-28391 | quickproducttable Module up to 1.2.1 on PrestaShop sql injection

CVE-2024-28391 | quickproducttable Module up to 1.2.1 on PrestaShop sql injection

A vulnerability classified as critical has been found in quickproducttable Module up to 1.2.1 on PrestaShop. Affected is the function readCsv/displayAjaxProductChangeAttr/displayAjaxProductAddToCart/getSearchProducts/displayAjaxProductSku. The manipulation leads to sql injection. This vulnerability is traded as CVE-2024-28391. It is possible to launch the attack remotely. There is no exploit available.