CVE-2024-34988 Information

Description

SQL injection vulnerability in the module \Complete for Create a Quote in Frontend + Backend Pro\ (askforaquotemodul) <= 1.0.51 from Buy Addons for PrestaShop allows attackers to view sensitive information and cause other impacts via methods AskforaquotemodulcustomernewquoteModuleFrontController::run() AskforaquotemoduladdproductnewquoteModuleFrontController::run() AskforaquotemodulCouponcodeModuleFrontController::run() AskforaquotemodulgetshippingcostModuleFrontController::run() AskforaquotemodulgetstateModuleFrontController::run().

Reference

https://security.friendsofpresta.org/modules/2024/06/20/askforaquotemodul.html