Vulnerabilities > Prestashop
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-03-21 | CVE-2023-27570 | SQL Injection vulnerability in Prestashop EO Tags The eo_tags package before 1.4.19 for PrestaShop allows SQL injection via a crafted _ga cookie. | 9.8 |
2023-03-14 | CVE-2023-25206 | SQL Injection vulnerability in Prestashop Advanced Reviews PrestaShop ws_productreviews < 3.6.2 is vulnerable to SQL Injection. | 8.8 |
2023-03-13 | CVE-2023-25207 | SQL Injection vulnerability in Prestashop DPD France PrestaShop dpdfrance <6.1.3 is vulnerable to SQL Injection via dpdfrance/ajax.php. | 9.8 |
2023-03-13 | CVE-2023-25170 | Unspecified vulnerability in Prestashop PrestaShop is an open source e-commerce web application that, prior to version 8.0.1, is vulnerable to cross-site request forgery (CSRF). | 8.8 |
2023-03-06 | CVE-2023-24763 | SQL Injection vulnerability in Prestashop XEN Forum In the module "Xen Forum" (xenforum) for PrestaShop, an authenticated user can perform SQL injection in versions up to 2.13.0. | 8.8 |
2022-12-08 | CVE-2022-46158 | Missing Authorization vulnerability in Prestashop PrestaShop is an open-source e-commerce solution. | 4.3 |
2022-09-02 | CVE-2022-35933 | Cross-site Scripting vulnerability in Prestashop Productcomments This package is a PrestaShop module that allows users to post reviews and rate products. | 6.1 |
2022-08-01 | CVE-2022-31181 | SQL Injection vulnerability in Prestashop PrestaShop is an Open Source e-commerce platform. | 9.8 |
2022-07-13 | CVE-2020-21967 | Cross-site Scripting vulnerability in Prestashop 1.7.6.7 File upload vulnerability in the Catalog feature in Prestashop 1.7.6.7 allows remote attackers to run arbitrary code via the add new file page. | 4.8 |
2022-06-27 | CVE-2022-31101 | Unspecified vulnerability in Prestashop Blockwishlist 2.0.0/2.0.1/2.1.0 prestashop/blockwishlist is a prestashop extension which adds a block containing the customer's wishlists. | 8.8 |