Arbitrary Code Execution Vulnerability in Advanced Plugins Sales Reports Module
CVE-2024-28394

Currently unrated

Key Information:

Vendor

PrestaShop

Status
Advanced Plugins Sales Reports, Statistics, Custom Fields & Export
Vendor
CVE Published:
19 March 2024

What is CVE-2024-28394?

A security flaw in the Advanced Plugins Sales Reports, Statistics, Custom Fields & Export module permits remote attackers to execute arbitrary code. This vulnerability exists in versions v1.3.20 and prior, providing an avenue for unauthorized access and potential compromise of the affected systems. Proper precautions must be taken to safeguard against exploitation.

References

https://addons.prestashop.com/en/customer-administration/...
https://security.friendsofpresta.org/modules/2024/03/14/r...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.