Vulnerabilities > Prestashop > Prestashop > 1.7.6.5

DATE CVE VULNERABILITY TITLE RISK
2020-07-02 CVE-2020-15080 Missing Authorization vulnerability in Prestashop
In PrestaShop from version 1.7.4.0 and before version 1.7.6.6, some files should not be in the release archive, and others should not be accessible.
network
low complexity
prestashop CWE-862
5.0
5.0
2020-07-02 CVE-2020-15079 Unspecified vulnerability in Prestashop
In PrestaShop from version 1.5.0.0 and before version 1.7.6.6, there is improper access control in Carrier page, Module Manager and Module Positions.
network
low complexity
prestashop
5.5
5.5
2020-07-02 CVE-2020-11074 Cross-site Scripting vulnerability in Prestashop
In PrestaShop from version 1.5.3.0 and before version 1.7.6.6, there is a stored XSS when using the name of a quick access item.
network
low complexity
prestashop CWE-79
5.4
5.4