Search Results | AttackerKB

Show filters

Topics 4 Users 9,714

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

4 Total Results

Displaying 1-4 of 4

Attacker Value

Unknown

CVE-2023-43983

Disclosure Date: October 05, 2023 (last updated October 09, 2023)

Presto Changeo attributegrid up to 2.0.3 was discovered to contain a SQL injection vulnerability via the component disable_json.php.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2023-43981

Disclosure Date: October 05, 2023 (last updated October 09, 2023)

Presto Changeo testsitecreator up to 1.1.1 was discovered to contain a deserialization vulnerability via the component delete_excluded_folder.php.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2023-43980

Disclosure Date: October 02, 2023 (last updated October 09, 2023)

Presto Changeo testsitecreator up to v1.1.1 was discovered to contain a SQL injection vulnerability via the component disable_json.php.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2012-5799

Disclosure Date: November 04, 2012 (last updated October 05, 2023)

The Canada Post (aka CanadaPost) module in PrestaShop does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to use of the PHP fsockopen function.

0