CVE-2023-50029

PHP Injection vulnerability in the module "M4 PDF Extensions" (m4pdf) up to version 3.3.2 from PrestaAddons for PrestaShop allows attackers to run arbitrary code via the M4PDF::saveTemplate() method.
Configurations

No configuration.

History

21 Nov 2024, 08:36

Type Values Removed Values Added
References () https://security.friendsofpresta.org/modules/2024/06/20/m4pdf.html - () https://security.friendsofpresta.org/modules/2024/06/20/m4pdf.html -

03 Jul 2024, 01:42

Type Values Removed Values Added
CWE CWE-94
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 10.0

25 Jun 2024, 12:24

Type Values Removed Values Added
Summary
  • (es) Vulnerabilidad de inyección de PHP en el módulo "M4 PDF Extensions" (m4pdf) hasta la versión 3.3.2 de PrestaAddons para PrestaShop permite a los atacantes ejecutar código de su elección a través del método M4PDF::saveTemplate().

24 Jun 2024, 23:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-06-24 23:15

Updated : 2024-11-21 08:36


NVD link : CVE-2023-50029

Mitre link : CVE-2023-50029

CVE.ORG link : CVE-2023-50029


JSON object : View

Products Affected

No product.

CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')