7 matches found
CVE-2024-36677
In the module "Login as customer PRO" loginascustomerpro 1.2.7 from Weblir for PrestaShop, a guest can access direct link to connect to each customer account of the Shop if the module is not installed OR if a secret accessible to administrator is stolen...
CVE-2024-36677
In the module "Login as customer PRO" loginascustomerpro 1.2.7 from Weblir for PrestaShop, a guest can access direct link to connect to each customer account of the Shop if the module is not installed OR if a secret accessible to administrator is stolen...
CVE-2024-36677
The CVE-2024-36677 affects Weblir’s PrestaShop module Login as customer PRO (versions
BIT-MAGENTO-2021-21020 Magento Commerce Improper Access Control Vulnerability
Magento versions 2.4.1 and earlier, 2.4.0 and earlier and 2.3.6 and earlier are vulnerable to an access control bypass vulnerability in the Login as Customer module. Successful exploitation could lead to unauthorized access to restricted resources...
Magento Improper Access Control
Magento versions 2.4.1 and earlier, 2.4.0-p1 and earlier and 2.3.6 and earlier are vulnerable to an access control bypass vulnerability in the Login as Customer module. Successful exploitation could lead to unauthorized access to restricted resources...
CVE-2021-21020
CVE-2021-21020 affects Magento Open Source and Commerce: Magento versions 2.4.1 and earlier, 2.4.0-p1 and earlier, and 2.3.6 and earlier are vulnerable to an access control bypass in the Login as Customer module , potentially allowing unauthorized access to restricted resources. The connected sou...
PT-2021-2186 · Adobe · Magento
Name of the Vulnerable Software and Affected Versions: Magento versions 2.4.1 and earlier Magento versions 2.4.0-p1 and earlier Magento versions 2.3.6 and earlier Description: The issue is related to an access control bypass vulnerability in the Login as Customer module. Successful exploitation...