In the module RSI PDF/HTML catalog evolution (prestapdf) ...
Critical severity
Unreviewed
Published
Jun 22, 2024
to the GitHub Advisory Database
•
Updated Jul 3, 2024
Description
Published by the National Vulnerability Database
Jun 21, 2024
Published to the GitHub Advisory Database
Jun 22, 2024
Last updated
Jul 3, 2024
In the module RSI PDF/HTML catalog evolution (prestapdf) <= 7.0.0 from RSI for PrestaShop, a guest can perform SQL injection via `PrestaPDFProductListModuleFrontController::queryDb().'
References