Unrated severityNVD Advisory· Published Aug 12, 2024· Updated Oct 9, 2024
CVE-2024-41651
CVE-2024-41651
Description
An issue in Prestashop v.8.1.7 and before allows a remote attacker to execute arbitrary code via the module upgrade functionality. NOTE: this is disputed by multiple parties, who report that exploitation requires that an attacker be able to hijack network requests made by an admin user (who, by design, is allowed to change the code that is running on the server).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3(expand)+ 1 more
- (no CPE)
- (no CPE)range: <=8.1.7
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.