PT-2024-27126 · Prestashop +1 · Theme Settings +1

Name of the Vulnerable Software and Affected Versions: PrestaShop module "Theme settings" pk themesettings versions = 1.8.8 Description: The issue allows a guest to download a txt file containing collected email addresses when the shop is in maintenance mode, due to a lack of permissions control...

PT-2024-27121 · Unknown +1 · Prestashop +1

Name of the Vulnerable Software and Affected Versions: PrestaShop module "Theme settings" pk themesettings versions = 1.8.8 Description: The issue allows a guest to perform SQL injection in the "Theme settings" module. Specifically, the script ajax.php contains a sensitive SQL call that can be...