CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Exploits0References2Affected Software1

CVE•added 2026/05/14 8:44 p.m.•25 views

CVE-2026-44212

CVE-2026-44212 concerns PrestaShop's back-office Customer Service view. A stored XSS exists where an unauthenticated attacker can submit the public Contact Us form with a malicious email; the payload is stored in the database and executes when a back-office employee opens the affected customer th...

EUVD•added 2026/05/14 8:44 p.m.•7 views

Exploits0References1

EUVD-2026-30481

Snyk•added 2026/05/08 4:54 p.m.•5 views

Exploits0References1

Cross-site Scripting (XSS)

Overview prestashop/prestashop is an Open Source e-commerce platform, committed to providing the best shopping cart experience for both merchants and customers. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Customer Service view process. An attacker can...

OSV•added 2026/05/08 4:54 p.m.•3 views

Exploits0References2

GHSA-W9F3-QC75-QGX9 PrestaShop has a stored XSS executable in customer service view

Impact This is a stored Cross-site Scripting XSS vulnerability in the PrestaShop back-office Customer Service view. An unauthenticated attacker can submit the public Contact Us form with a malicious email address. The payload is stored in the database and executed when a back-office employee open...

Github Security Blog•added 2026/05/08 4:54 p.m.•9 views

Exploits0References2

PrestaShop has a stored XSS executable in customer service view

Exploits0References2Affected Software1

Positive Technologies•added 2026/05/08 12:0 a.m.•11 views

PT-2026-39239

Name of the Vulnerable Software and Affected Versions PrestaShop versions prior to 8.2.6 PrestaShop versions prior to 9.1.1 Description A stored Cross-site Scripting XSS issue exists in the back-office Customer Service view. An unauthenticated attacker can submit the public Contact Us form using ...

GithubExploit•added 2026/04/23 9:0 a.m.•152 views

Exploits0References11

tecno_xss_hotfix

tecnoxsshotfix Security hotfix module for PrestaShop — patc...

5.8AI score

Exploits0

OSV•added 2026/03/30 11:49 a.m.•2 views

BIT-PRESTASHOP-2026-33673 PrestaShop has multiple stored XSS vulnerabilities via unprotected Template variables

PrestaShop is an open source e-commerce web application. Versions prior to 8.2.5 and 9.1.0 are vulnerable to stored Cross-Site Scripting stored XSS vulnerabilities in the BO. An attacker who can inject data into the database, via limited back-office access or a previously existing vulnerability,...

NVD•added 2026/03/26 10:16 p.m.•3 views

Exploits0References4

CVE-2026-33673

7.6CVSS0.0027EPSS

Exploits0References3

Vulnrichment•added 2026/03/26 9:41 p.m.•2 views

CVE-2026-33673 PrestaShop has multiple stored XSS vulnerabilities via unprotected Template variables

ATTACKERKB•added 2026/03/26 9:41 p.m.•3 views

Exploits0References3

CVE-2026-33673

Exploits0References4Affected Software1

EUVD•added 2026/03/26 9:41 p.m.•3 views

EUVD-2026-16441

CVE•added 2026/03/26 9:41 p.m.•9 views

Exploits0References3

CVE-2026-33673

PrestaShop cases: Versions prior to 8.2.5 and 9.1.0 are affected by stored XSS in the back-office (BO) templates due to unprotected Template variables. An attacker with database access or a pre-existing vulnerability can inject data into the BO, enabling exploitation of unprotected variables in t...

Exploits0References3Affected Software1

OSV•added 2026/03/26 9:41 p.m.•2 views

CVE-2026-33673 PrestaShop has multiple stored XSS vulnerabilities via unprotected Template variables

Github Security Blog•added 2026/03/25 7:41 p.m.•6 views

Exploits0References5

PrestaShop has multiple stored XSS vulnerabilities via unprotected Template variables

Impact Multiple stored Cross-Site Scripting stored XSS vulnerabilities in the BO: an attacker who can inject data into the database, via limited back-office access or a previously existing vulnerability, can exploit unprotected variables in back-office templates. Patches Patched on 8.2.5 and 9.1....

Exploits0References5Affected Software1

Snyk•added 2026/03/25 7:41 p.m.•2 views

Cross-site Scripting (XSS)

Overview prestashop/prestashop is an Open Source e-commerce platform, committed to providing the best shopping cart experience for both merchants and customers. Affected versions of this package are vulnerable to Cross-site Scripting XSS in unprotected template variables in the back-office. An...