Unrated severityNVD Advisory· Published Mar 20, 2024· Updated Aug 2, 2024

CVE-2024-28395

Description

SQL injection vulnerability in Best-Kit bestkit_popup v.1.7.2 and before allows a remote attacker to escalate privileges via the bestkit_popup.php component.

Affected products

Best-Kit/bestkit_popupdescription
Best-Kit/bestkit_popupllm-create
Range: <=1.7.2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

addons.prestashop.com/en/pop-up/20208-pop-up-schedule-popup-splash-window.htmlmitre
security.friendsofpresta.org/modules/2024/03/14/bestkit_popup.htmlmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000