Vulnerability Details CVE-2024-28388
SQL injection vulnerability in SunnyToo stproductcomments module for PrestaShop v.1.0.5 and before, allows a remote attacker to escalate privileges and obtain sensitive information via the StProductCommentClass::getListcomments method.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.2%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2024-28388
-
cpe:2.3:a:sunnytoo:product_comments:*