PHP Injection vulnerability in the module "M4 PDF Extensions" (m4pdf) up to version 3.3.2 from PrestaAddons for PrestaShop allows attackers to run arbitrary code via the M4PDF::saveTemplate() method.
References
Configurations
No configuration.
History
21 Nov 2024, 08:36
Type | Values Removed | Values Added |
---|---|---|
References | () https://security.friendsofpresta.org/modules/2024/06/20/m4pdf.html - |
03 Jul 2024, 01:42
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-94 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 10.0 |
25 Jun 2024, 12:24
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
24 Jun 2024, 23:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-06-24 23:15
Updated : 2024-11-21 08:36
NVD link : CVE-2023-50029
Mitre link : CVE-2023-50029
CVE.ORG link : CVE-2023-50029
JSON object : View
Products Affected
No product.
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')