PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides a variety of payment methods, short message alerts and product image scaling and other features. A path traversal vulnerability exists in Prestashop winbizpayment that stems from download.php failing to properly filter for special elements in the path of a resource or file. An attacker could use this vulnerability to view all files in the information system.
CPE | Name | Operator | Version |
---|---|---|---|
prestashop prestashop | le | 1.0.2 |