Description
PHP Injection vulnerability in the module "M4 PDF Extensions" (m4pdf) up to version 3.3.2 from PrestaAddons for PrestaShop allows attackers to run arbitrary code via the M4PDF::saveTemplate() method.
Published: 2024-06-24
Score: 10.0 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

No history.

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-02T22:09:49.791Z

Reserved: 2023-12-04T00:00:00.000Z

Link: CVE-2023-50029

cve-icon Vulnrichment

Updated: 2024-08-02T22:09:49.791Z

cve-icon NVD

Status : Deferred

Published: 2024-06-24T23:15:10.157

Modified: 2026-06-17T06:39:06.747

Link: CVE-2023-50029

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses
  • CWE-94

    Improper Control of Generation of Code ('Code Injection')