Vulnerabilities > Prestashop > Prestashop > 1.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-07 | CVE-2023-39524 | SQL Injection vulnerability in Prestashop PrestaShop is an open source e-commerce web application. | 9.8 |
| 2023-07-13 | CVE-2023-30151 | SQL Injection vulnerability in Prestashop A SQL injection vulnerability in the Boxtal (envoimoinscher) module for PrestaShop, after version 3.1.10, allows remote attackers to execute arbitrary SQL commands via the `key` GET parameter. | 9.8 |
| 2023-06-15 | CVE-2023-31672 | SQL Injection vulnerability in Prestashop In the PrestaShop < 2.4.3 module "Length, weight or volume sell" (ailinear) there is a SQL injection vulnerability. | 9.8 |
| 2023-04-25 | CVE-2023-30838 | Cross-site Scripting vulnerability in Prestashop PrestaShop is an Open Source e-commerce web application. | 9.9 |
| 2023-04-25 | CVE-2023-30839 | SQL Injection vulnerability in Prestashop PrestaShop is an Open Source e-commerce web application. | 8.8 |
| 2023-04-25 | CVE-2023-30545 | SQL Injection vulnerability in Prestashop PrestaShop is an Open Source e-commerce web application. | 6.5 |
| 2023-03-13 | CVE-2023-25170 | Cross-Site Request Forgery (CSRF) vulnerability in Prestashop PrestaShop is an open source e-commerce web application that, prior to version 8.0.1, is vulnerable to cross-site request forgery (CSRF). | 8.8 |
| 2022-12-08 | CVE-2022-46158 | Missing Authorization vulnerability in Prestashop PrestaShop is an open-source e-commerce solution. | 4.3 |
| 2020-07-02 | CVE-2020-4074 | Improper Authentication vulnerability in Prestashop In PrestaShop from version 1.5.0.0 and before version 1.7.6.6, the authentication system is malformed and an attacker is able to forge requests and execute admin commands. | 9.8 |
| 2020-07-02 | CVE-2020-15079 | Unspecified vulnerability in Prestashop In PrestaShop from version 1.5.0.0 and before version 1.7.6.6, there is improper access control in Carrier page, Module Manager and Module Positions. | 5.5 |