Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:24 a.m.5 views

CVE-2024-36677

In the module "Login as customer PRO" loginascustomerpro 1.2.7 from Weblir for PrestaShop, a guest can access direct link to connect to each customer account of the Shop if the module is not installed OR if a secret accessible to administrator is stolen...

7.5CVSS5.9AI score0.00379EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/19 12:0 a.m.14 views

CVE-2024-36677

In the module "Login as customer PRO" loginascustomerpro 1.2.7 from Weblir for PrestaShop, a guest can access direct link to connect to each customer account of the Shop if the module is not installed OR if a secret accessible to administrator is stolen...

6.9AI score0.00379EPSS
Exploits0References1
CVE
CVE
added 2024/06/19 12:0 a.m.54 views

CVE-2024-36677

The CVE-2024-36677 affects Weblir’s PrestaShop module Login as customer PRO (versions

7.5CVSS6.9AI score0.00379EPSS
Exploits0References1
OSV
OSV
added 2024/03/06 11:1 a.m.20 views

BIT-MAGENTO-2021-21020 Magento Commerce Improper Access Control Vulnerability

Magento versions 2.4.1 and earlier, 2.4.0 and earlier and 2.3.6 and earlier are vulnerable to an access control bypass vulnerability in the Login as Customer module. Successful exploitation could lead to unauthorized access to restricted resources...

5.3CVSS6.4AI score0.02417EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2022/05/24 5:41 p.m.27 views

Magento Improper Access Control

Magento versions 2.4.1 and earlier, 2.4.0-p1 and earlier and 2.3.6 and earlier are vulnerable to an access control bypass vulnerability in the Login as Customer module. Successful exploitation could lead to unauthorized access to restricted resources...

5.3CVSS6.9AI score0.02417EPSS
Exploits0References3Affected Software2
CVE
CVE
added 2021/02/11 7:29 p.m.72 views

CVE-2021-21020

CVE-2021-21020 affects Magento Open Source and Commerce: Magento versions 2.4.1 and earlier, 2.4.0-p1 and earlier, and 2.3.6 and earlier are vulnerable to an access control bypass in the Login as Customer module , potentially allowing unauthorized access to restricted resources. The connected sou...

5.3CVSS5AI score0.02417EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2021/02/09 12:0 a.m.8 views

PT-2021-2186 · Adobe · Magento

Name of the Vulnerable Software and Affected Versions: Magento versions 2.4.1 and earlier Magento versions 2.4.0-p1 and earlier Magento versions 2.3.6 and earlier Description: The issue is related to an access control bypass vulnerability in the Login as Customer module. Successful exploitation...

5.4CVSS5.5AI score0.02417EPSS
Exploits0References9
Rows per page
Query Builder