Vulnerabilities > Webbax

DATE CVE VULNERABILITY TITLE RISK
2023-06-14 CVE-2023-31671 SQL Injection vulnerability in Webbax Postfinance 17.1.13
PrestaShop postfinance <= 17.1.13 is vulnerable to SQL Injection via PostfinanceValidationModuleFrontController::postProcess().
network
low complexity
webbax CWE-89
critical
 9.8
9.8
2023-06-12 CVE-2023-30198 Path Traversal vulnerability in Webbax Winbizpayment 1.0.2
Prestashop winbizpayment <= 1.0.2 is vulnerable to Incorrect Access Control via modules/winbizpayment/downloads/download.php.
network
low complexity
webbax CWE-22
7.5
7.5
2023-06-02 CVE-2023-3031 Path Traversal vulnerability in Webbax King-Avis
Improper Limitation of a Pathname leads to a Path Traversal vulnerability in the module King-Avis for Prestashop, allowing a user knowing the download token to read arbitrary local files.This issue affects King-Avis: before 17.3.15.
network
low complexity
webbax CWE-22
4.9
4.9
2023-05-31 CVE-2023-30197 Path Traversal vulnerability in Webbax Myinventory 1.6.6
Incorrect Access Control in the module "My inventory" (myinventory) <= 1.6.6 from Webbax for PrestaShop, allows a guest to download personal information without restriction by performing a path traversal attack.
network
low complexity
webbax CWE-22
7.5
7.5
2023-05-30 CVE-2023-30196 Path Traversal vulnerability in Webbax Salesbooster 1.10.4
Prestashop salesbooster <= 1.10.4 is vulnerable to Incorrect Access Control via modules/salesbooster/downloads/download.php.
network
low complexity
webbax CWE-22
7.5
7.5
2023-05-19 CVE-2023-30199 Path Traversal vulnerability in Webbax Customexporter 1.7.20
Prestashop customexporter <= 1.7.20 is vulnerable to Incorrect Access Control via modules/customexporter/downloads/download.php.
network
low complexity
webbax CWE-22
7.5
7.5