Vulnerabilities > Prestashop
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-08-12 | CVE-2024-41651 | Server-Side Request Forgery (SSRF) vulnerability in Prestashop An issue in Prestashop v.8.1.7 and before allows a remote attacker to execute arbitrary code via the module upgrade functionality. | 8.1 |
2024-06-19 | CVE-2024-36684 | SQL Injection vulnerability in Prestashop PK Customlinks In the module "Custom links" (pk_customlinks) <= 2.3 from Promokit.eu for PrestaShop, a guest can perform SQL injection. | 9.8 |
2024-01-16 | CVE-2023-48926 | Missing Authorization vulnerability in Prestashop Advanced Loyalty Program An issue in 202 ecommerce Advanced Loyalty Program: Loyalty Points before v2.3.4 for PrestaShop allows unauthenticated attackers to arbitrarily change an order status. | 5.3 |
2024-01-02 | CVE-2024-21628 | Unspecified vulnerability in Prestashop PrestaShop is an open-source e-commerce platform. | 6.1 |
2024-01-02 | CVE-2024-21627 | Cross-site Scripting vulnerability in Prestashop PrestaShop is an open-source e-commerce platform. | 6.1 |
2023-11-09 | CVE-2023-47110 | Unspecified vulnerability in Prestashop Customer Reassurance Block blockreassurance adds an information block aimed at offering helpful information to reassure customers that their store is trustworthy. | 5.3 |
2023-11-08 | CVE-2023-47109 | Unspecified vulnerability in Prestashop Customer Reassurance Block PrestaShop blockreassurance adds an information block aimed at offering helpful information to reassure customers that the store is trustworthy. | 8.1 |
2023-10-31 | CVE-2023-36263 | SQL Injection vulnerability in Prestashop Opartlimitquantity 1.4.5 Prestashop opartlimitquantity 1.4.5 and before is vulnerable to SQL Injection. | 9.8 |
2023-09-28 | CVE-2023-43663 | Unspecified vulnerability in Prestashop PrestaShop is an Open Source e-commerce web application. | 4.3 |
2023-09-28 | CVE-2023-43664 | Unspecified vulnerability in Prestashop PrestaShop is an Open Source e-commerce web application. | 4.3 |