Vulnerabilities > Prestashop > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-20 | CVE-2022-45447 | Path Traversal vulnerability in Prestashop M4 PDF M4 PDF plugin for Prestashop sites, in its 3.2.3 version and before, is vulnerable to a directory traversal vulnerability. | 6.5 |
| 2023-08-07 | CVE-2023-39527 | Unspecified vulnerability in Prestashop PrestaShop is an open source e-commerce web application. | 6.1 |
| 2023-07-25 | CVE-2023-33777 | Path Traversal vulnerability in Prestashop Amazon An issue in /functions/fbaorder.php of Prestashop amazon before v5.2.24 allows attackers to execute a directory traversal attack. | 5.3 |
| 2023-04-25 | CVE-2023-30545 | Unspecified vulnerability in Prestashop PrestaShop is an Open Source e-commerce web application. | 6.5 |
| 2022-12-08 | CVE-2022-46158 | Missing Authorization vulnerability in Prestashop PrestaShop is an open-source e-commerce solution. | 4.3 |
| 2022-09-02 | CVE-2022-35933 | Cross-site Scripting vulnerability in Prestashop Productcomments This package is a PrestaShop module that allows users to post reviews and rate products. | 6.1 |
| 2022-07-13 | CVE-2020-21967 | Cross-site Scripting vulnerability in Prestashop 1.7.6.7 File upload vulnerability in the Catalog feature in Prestashop 1.7.6.7 allows remote attackers to run arbitrary code via the add new file page. | 4.8 |
| 2021-12-21 | CVE-2012-20001 | Cross-site Scripting vulnerability in Prestashop PrestaShop before 1.5.2 allows XSS via the "<object data='data:text/html" substring in the message field. | 6.1 |
| 2021-03-31 | CVE-2021-21418 | Unspecified vulnerability in Prestashop PS Emailsubscription 2.6.0 ps_emailsubscription is a newsletter subscription module for the PrestaShop platform. | 5.4 |
| 2021-03-30 | CVE-2021-21398 | Unspecified vulnerability in Prestashop 1.7.7.0/1.7.7.1/1.7.7.2 PrestaShop is a fully scalable open source e-commerce solution. | 5.4 |