Vulnerability CVE-2024-28391
Published: 2024-03-14

Description:
SQL injection vulnerability in FME Modules quickproducttable module for PrestaShop v.1.2.1 and before, allows a remote attacker to escalate privileges and obtain information via the readCsv(), displayAjaxProductChangeAttr, displayAjaxProductAddToCart, getSearchProducts, and displayAjaxProductSku methods.

 References:
https://security.friendsofpresta.org/modules/2024/03/12/quickproducttable.html
Copyright 2026, cxsecurity.com

 

Back to Top