Vulnerabilities > Prestashop

DATE CVE VULNERABILITY TITLE RISK
2024-08-12 CVE-2024-41651 Server-Side Request Forgery (SSRF) vulnerability in Prestashop
An issue in Prestashop v.8.1.7 and before allows a remote attacker to execute arbitrary code via the module upgrade functionality.
network
high complexity
prestashop CWE-918
8.1
2024-06-19 CVE-2024-36684 SQL Injection vulnerability in Prestashop PK Customlinks
In the module "Custom links" (pk_customlinks) <= 2.3 from Promokit.eu for PrestaShop, a guest can perform SQL injection.
network
low complexity
prestashop CWE-89
critical
9.8
2024-01-16 CVE-2023-48926 Missing Authorization vulnerability in Prestashop Advanced Loyalty Program
An issue in 202 ecommerce Advanced Loyalty Program: Loyalty Points before v2.3.4 for PrestaShop allows unauthenticated attackers to arbitrarily change an order status.
network
low complexity
prestashop CWE-862
5.3
2024-01-02 CVE-2024-21628 Unspecified vulnerability in Prestashop
PrestaShop is an open-source e-commerce platform.
network
low complexity
prestashop
6.1
2024-01-02 CVE-2024-21627 Cross-site Scripting vulnerability in Prestashop
PrestaShop is an open-source e-commerce platform.
network
low complexity
prestashop CWE-79
6.1
2023-11-09 CVE-2023-47110 Unspecified vulnerability in Prestashop Customer Reassurance Block
blockreassurance adds an information block aimed at offering helpful information to reassure customers that their store is trustworthy.
network
low complexity
prestashop
5.3
2023-11-08 CVE-2023-47109 Unspecified vulnerability in Prestashop Customer Reassurance Block
PrestaShop blockreassurance adds an information block aimed at offering helpful information to reassure customers that the store is trustworthy.
network
low complexity
prestashop
8.1
2023-10-31 CVE-2023-36263 SQL Injection vulnerability in Prestashop Opartlimitquantity 1.4.5
Prestashop opartlimitquantity 1.4.5 and before is vulnerable to SQL Injection.
network
low complexity
prestashop CWE-89
critical
9.8
2023-09-28 CVE-2023-43663 Unspecified vulnerability in Prestashop
PrestaShop is an Open Source e-commerce web application.
network
low complexity
prestashop
4.3
2023-09-28 CVE-2023-43664 Unspecified vulnerability in Prestashop
PrestaShop is an Open Source e-commerce web application.
network
low complexity
prestashop
4.3