4 matches found
PT-2026-5499
Name of the Vulnerable Software and Affected Versions: Keycloak (affected versions not specified). Description: A flaw exists in the Keycloak Admin API that allows an administrator with limited privileges to retrieve sensitive custom attributes. This is achieved through the /unmanagedAttributes API...
PrestaShop file deletion via CustomerMessage
Impact: It is possible to delete files from the server via the CustomerMessage API. Patches: 8.1.1. Found by: Kto94 via Yeswehack. Workarounds: none. References: none...
PrestaShop file deletion via attachment API
Impact: It is possible to delete a file from the server by using the Attachments controller and the Attachments API. Patches: 8.1.1. Found by: Kto94 via Yeswehack. Workarounds: none. References: none...
PrestaShop SQL manager vulnerability
Impact: Remote code execution through SQL injection and arbitrary file write in back office. Patches: 1.7.8.10, 8.0.5, 8.1.1. Found by: Truff via yeswehack. Workarounds: none. References: none...