Vulnerabilities > Prestashop
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-15 | CVE-2023-31672 | SQL Injection vulnerability in Prestashop In the PrestaShop < 2.4.3 module "Length, weight or volume sell" (ailinear) there is a SQL injection vulnerability. | 9.8 |
| 2023-05-12 | CVE-2023-30192 | SQL Injection vulnerability in Prestashop Possearchproducts 1.7 Prestashop possearchproducts 1.7 is vulnerable to SQL Injection via PosSearch::find(). | 9.8 |
| 2023-05-10 | CVE-2023-30194 | SQL Injection vulnerability in Prestashop Poststaticfooter Prestashop posstaticfooter <= 1.0.0 is vulnerable to SQL Injection via posstaticfooter::getPosCurrentHook(). | 9.8 |
| 2023-05-04 | CVE-2023-30282 | Unspecified vulnerability in Prestashop Scexportcustomers PrestaShop scexportcustomers <= 3.6.1 is vulnerable to Incorrect Access Control. | 7.5 |
| 2023-04-25 | CVE-2023-30838 | Cross-site Scripting vulnerability in Prestashop PrestaShop is an Open Source e-commerce web application. | 9.9 |
| 2023-04-25 | CVE-2023-30839 | SQL Injection vulnerability in Prestashop PrestaShop is an Open Source e-commerce web application. | 8.8 |
| 2023-04-25 | CVE-2023-30545 | SQL Injection vulnerability in Prestashop PrestaShop is an Open Source e-commerce web application. | 6.5 |
| 2023-03-21 | CVE-2023-27569 | SQL Injection vulnerability in Prestashop EO Tags The eo_tags package before 1.3.0 for PrestaShop allows SQL injection via an HTTP User-Agent or Referer header. | 9.8 |
| 2023-03-21 | CVE-2023-27570 | SQL Injection vulnerability in Prestashop EO Tags The eo_tags package before 1.4.19 for PrestaShop allows SQL injection via a crafted _ga cookie. | 9.8 |
| 2023-03-14 | CVE-2023-25206 | SQL Injection vulnerability in Prestashop Advanced Reviews PrestaShop ws_productreviews < 3.6.2 is vulnerable to SQL Injection. | 8.8 |