CVE-2024-25847 Information

Mar 07, 2024 cve

Description

SQL Injection vulnerability in MyPrestaModules \Product Catalog (CSV Excel) Import\ (simpleimportproduct) modules for PrestaShop versions 6.5.0 and before allows attackers to escalate privileges and obtain sensitive information via Send::__construct() and importProducts::_addDataToDb methods.

Reference

https://github.com/friends-of-presta/security-advisories/blob/main/_posts/2024-02-29-simpleimportproduct.md

Share on: