Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:35 p.m.11 views

CVE-2023-45382

In the module "SoNice Retour" soniceretour up to version 2.1.0 from Common-Services for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. Due to a lack of permissions control and a lack of control in the path name construction, a gues...

7.5CVSS6.7AI score0.00761EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/11/17 2:15 a.m.10 views

CVE-2023-45382

In the module "SoNice Retour" soniceretour up to version 2.1.0 from Common-Services for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. Due to a lack of permissions control and a lack of control in the path name construction, a gues...

7.5CVSS7.1AI score0.00761EPSS
Exploits0References3
NVD
NVD
added 2023/11/17 2:15 a.m.21 views

CVE-2023-45382

In the module "SoNice Retour" soniceretour up to version 2.1.0 from Common-Services for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. Due to a lack of permissions control and a lack of control in the path name construction, a gues...

7.5CVSS0.00761EPSS
Exploits0References2
Prion
Prion
added 2023/11/17 2:15 a.m.15 views

Path traversal

In the module "SoNice Retour" soniceretour up to version 2.1.0 from Common-Services for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. Due to a lack of permissions control and a lack of control in the path name construction, a gues...

5CVSS6.9AI score0.00761EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/11/17 12:0 a.m.11 views

CVE-2023-45382

In the module "SoNice Retour" soniceretour up to version 2.1.0 from Common-Services for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. Due to a lack of permissions control and a lack of control in the path name construction, a gues...

6.7AI score0.00761EPSS
Exploits0References2
CVE
CVE
added 2023/11/17 12:0 a.m.31 views

CVE-2023-45382

The CVE-2023-45382 entry concerns the SoNice Retour module for PrestaShop (up to version 2.1.0) from Common-Services. A guest can perform a path traversal due to insufficient permissions checks and flawed path-name construction, allowing unauthorized viewing/download of personal information acros...

7.5CVSS7.4AI score0.00761EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/11/17 12:0 a.m.4 views

PrestaShop Path Traversal Vulnerability

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, SMS alerts, and product image scaling. A path traversal vulnerability exists in PrestaShop SoNice Retour 2.1.0 and earlier versions, which stems from a lack...

7.5CVSS6.6AI score0.00761EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/11/17 12:0 a.m.17 views

CVE-2023-45382

In the module "SoNice Retour" soniceretour up to version 2.1.0 from Common-Services for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. Due to a lack of permissions control and a lack of control in the path name construction, a gues...

7.6AI score0.00761EPSS
Exploits0References2
Rows per page
Query Builder