13 matches found
EUVD-2023-44378
Malicious code in bioql PyPI...
EUVD-2024-54461
Malicious code in bioql PyPI...
CVE-2024-6648
Absolute Path Traversal vulnerability in AP Page Builder versions prior to 4.0.0 could allow an unauthenticated remote user to modify the 'productitempath' within the 'config' JSON file, allowing them to read any file on the system...
CVE-2024-6648
Absolute Path Traversal vulnerability in AP Page Builder versions prior to 4.0.0 could allow an unauthenticated remote user to modify the 'productitempath' within the 'config' JSON file, allowing them to read any file on the system...
CVE-2024-6648 Path Traversal in AP Page Builder
Absolute Path Traversal vulnerability in AP Page Builder versions prior to 4.0.0 could allow an unauthenticated remote user to modify the 'productitempath' within the 'config' JSON file, allowing them to read any file on the system...
CVE-2024-6648
CVE-2024-6648 describes an Absolute Path Traversal in AP Page Builder (AP Page Builder plugin) for versions prior to 4.0.0. An unauthenticated remote attacker could modify the product_item_path in the config JSON, enabling reading arbitrary files on the system. Affected: AP Page Builder
CVE-2024-6648 Path Traversal in AP Page Builder
Absolute Path Traversal vulnerability in AP Page Builder versions prior to 4.0.0 could allow an unauthenticated remote user to modify the 'productitempath' within the 'config' JSON file, allowing them to read any file on the system...
PT-2025-20380
Name of the Vulnerable Software and Affected Versions AP Page Builder versions prior to 4.0.0 Description The issue is an Absolute Path Traversal vulnerability that could allow an unauthenticated remote user to modify the product item path within the config JSON file, allowing them to read any fi...
CVE-2023-3743
Ap Page Builder, in versions lower than 1.7.8.2, could allow a remote attacker to send a specially crafted SQL query to the productoneimg parameter to retrieve the information stored in the database...
Design/Logic Flaw
Ap Page Builder, in versions lower than 1.7.8.2, could allow a remote attacker to send a specially crafted SQL query to the productoneimg parameter to retrieve the information stored in the database...
CVE-2023-3743 SQL injection vulnerability in LeoTheme's Ap Page Builder
Ap Page Builder, in versions lower than 1.7.8.2, could allow a remote attacker to send a specially crafted SQL query to the productoneimg parameter to retrieve the information stored in the database...
CVE-2023-3743 SQL injection vulnerability in LeoTheme's Ap Page Builder
Ap Page Builder, in versions lower than 1.7.8.2, could allow a remote attacker to send a specially crafted SQL query to the productoneimg parameter to retrieve the information stored in the database...
CVE-2023-3743
Summary: CVE-2023-3743 affects LeoTheme’s Ap Page Builder for Prestashop, with versions prior to 1.7.8.2 vulnerable to a SQL injection via the product_one_img parameter, allowing a remote attacker to retrieve data from the database. The root cause is improper handling of user-supplied input in th...