Vulnerabilities > CVE-2023-39677

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

updateproducts-project

simpleimportproduct-project

NVD

Published: 2023-09-20

Updated: 2024-11-21

Summary

MyPrestaModules Prestashop Module v6.2.9 and UpdateProducts Prestashop Module v3.6.9 were discovered to contain a PHPInfo information disclosure vulnerability via send.php.

Vulnerable Configurations

Part	Description	Count
Application	Updateproducts_Project Updateproducts Project Updateproducts 3.6.9	1
Application	Simpleimportproduct_Project Simpleimportproduct Project Simpleimportproduct 6.2.9	1

References

https://blog.sorcery.ie/posts/myprestamodules_phpinfo/
https://blog.sorcery.ie/posts/myprestamodules_phpinfo/
https://myprestamodules.com/
https://myprestamodules.com/
https://sorcery.ie
https://sorcery.ie

Vulnerabilities > CVE-2023-39677 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2023-39677"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2023-39677