Show filters
6 Total Results
Displaying 1-6 of 6
Sort by:
Attacker Value
Unknown

CVE-2023-31671

Disclosure Date: June 14, 2023 (last updated February 25, 2025)
PrestaShop postfinance <= 17.1.13 is vulnerable to SQL Injection via PostfinanceValidationModuleFrontController::postProcess().
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-30198

Disclosure Date: June 12, 2023 (last updated February 25, 2025)
Prestashop winbizpayment <= 1.0.2 is vulnerable to Incorrect Access Control via modules/winbizpayment/downloads/download.php.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-3031

Disclosure Date: June 02, 2023 (last updated February 25, 2025)
Improper Limitation of a Pathname leads to a Path Traversal vulnerability in the module King-Avis for Prestashop, allowing a user knowing the download token to read arbitrary local files.This issue affects King-Avis: before 17.3.15.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-30197

Disclosure Date: May 31, 2023 (last updated February 25, 2025)
Incorrect Access Control in the module "My inventory" (myinventory) <= 1.6.6 from Webbax for PrestaShop, allows a guest to download personal information without restriction by performing a path traversal attack.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-30196

Disclosure Date: May 30, 2023 (last updated February 25, 2025)
Prestashop salesbooster <= 1.10.4 is vulnerable to Incorrect Access Control via modules/salesbooster/downloads/download.php.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-30199

Disclosure Date: May 19, 2023 (last updated February 25, 2025)
Prestashop customexporter <= 1.7.20 is vulnerable to Incorrect Access Control via modules/customexporter/downloads/download.php.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0