CVE-2023-50029
CVE-2023-50029
Vexday Risk Score
28Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 10EPSS 0.8%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
24 Jun 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
PHP Injection vulnerability in the module "M4 PDF Extensions" (m4pdf) up to version 3.3.2 from PrestaAddons for PrestaShop allows attackers to run arbitrary code via the M4PDF::saveTemplate() method.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected products
n/a · n/a