8 matches found
CVE-2023-45382
In the module "SoNice Retour" soniceretour up to version 2.1.0 from Common-Services for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. Due to a lack of permissions control and a lack of control in the path name construction, a gues...
CVE-2023-45382
In the module "SoNice Retour" soniceretour up to version 2.1.0 from Common-Services for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. Due to a lack of permissions control and a lack of control in the path name construction, a gues...
CVE-2023-45382
In the module "SoNice Retour" soniceretour up to version 2.1.0 from Common-Services for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. Due to a lack of permissions control and a lack of control in the path name construction, a gues...
Path traversal
In the module "SoNice Retour" soniceretour up to version 2.1.0 from Common-Services for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. Due to a lack of permissions control and a lack of control in the path name construction, a gues...
CVE-2023-45382
In the module "SoNice Retour" soniceretour up to version 2.1.0 from Common-Services for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. Due to a lack of permissions control and a lack of control in the path name construction, a gues...
CVE-2023-45382
The CVE-2023-45382 entry concerns the SoNice Retour module for PrestaShop (up to version 2.1.0) from Common-Services. A guest can perform a path traversal due to insufficient permissions checks and flawed path-name construction, allowing unauthorized viewing/download of personal information acros...
PrestaShop Path Traversal Vulnerability
PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, SMS alerts, and product image scaling. A path traversal vulnerability exists in PrestaShop SoNice Retour 2.1.0 and earlier versions, which stems from a lack...
CVE-2023-45382
In the module "SoNice Retour" soniceretour up to version 2.1.0 from Common-Services for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. Due to a lack of permissions control and a lack of control in the path name construction, a gues...