Lucene search

K

[email protected]NVD:CVE-2024-36677

HistoryJun 19, 2024 - 9:15 p.m.

CVE-2024-36677

2024-06-1921:15:57

[email protected]

web.nvd.nist.gov

5

weblir

prestashop

guest access

0.0004 Low

EPSS

Percentile

9.1%

In the module “Login as customer PRO” (loginascustomerpro) <1.2.7 from Weblir for PrestaShop, a guest can access direct link to connect to each customer account of the Shop if the module is not installed OR if a secret accessible to administrator is stolen.

References

security.friendsofpresta.org/modules/2024/06/18/loginascustomerpro.html

0.0004 Low

EPSS

Percentile

9.1%

Related for NVD:CVE-2024-36677

cve1 cvelist1 vulnrichment1