Lucene search
MitreCVE-2023-30197HistoryMay 31, 2023 - 1:15 a.m.
CVE-2023-30197
2023-05-3101:15:43
CWE-22
mitre
web.nvd.nist.gov
16
cve-2023-30197
incorrect access control
my inventory
prestashop
path traversal
nvd
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
7.4
Confidence
High
EPSS
0.001
Percentile
51.0%
Incorrect Access Control in the module “My inventory” (myinventory) <= 1.6.6 from Webbax for PrestaShop, allows a guest to download personal information without restriction by performing a path traversal attack.
Affected configurations
Node
webbaxmyinventoryRange<1.6.7prestashop
| Vendor | Product | Version | CPE |
|---|---|---|---|
| webbax | myinventory | * | cpe:2.3:a:webbax:myinventory:*:*:*:*:*:prestashop:*:* |
Related
prion
prion
Path traversal
2023-05-31 01:15:00
nvd
nvd
CVE-2023-30197
2023-05-31 01:15:43
cvelist
cvelist
CVE-2023-30197
2023-05-31 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
7.4
Confidence
High
EPSS
0.001
Percentile
51.0%
Related for CVE-2023-30197