1 results (0.002 seconds)
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28393
https://notcve.org/view.php?id=CVE-2024-28393
25 Mar 2024 — SQL injection vulnerability in scalapay v.1.2.41 and before allows a remote attacker to escalate privileges via the ScalapayReturnModuleFrontController::postProcess() method. Vulnerabilidad de inyección SQL en Scalapay v.1.2.41 y anteriores permite a un atacante remoto escalar privilegios a través del método ScalapayReturnModuleFrontController::postProcess(). • https://addons.prestashop.com/fr/paiement-en-plusieurs-fois/87023-scalapay-payez-en-3-fois-sans-frais.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •