
7 matches found

CVE
added 2025/10/16 5:33 p.m., 8 views

CVE-2025-61924

CVE-2025-61924 affects PrestaShop Checkout (ps_checkout) in editions prior to 4.4.1 and 5.0.5. The root cause is incorrect use of PHP array_search() in backoffice logic, enabling potential Target PayPal merchant account hijacking. Mitigation: upgrade to 4.4.1 for PrestaShop 1.7/8 (and 5.0.5 for P...

CVSS: 3.8 | AI score: 6.4 | EPSS: 0.00041
Exploits: 0 | References: 1 | Affected Software: 1

OSV
added 2025/10/16 5:33 p.m., 2 views

CVE-2025-61924 PrestaShop Checkout Target PayPal merchant account hijacking from backoffice

PrestaShop Checkout is the PrestaShop official payment module in partnership with PayPal. In versions prior to 4.4.1 and 5.0.5, Target PayPal merchant account hijacking from the backoffice is possible due to incorrect usage of the PHP array_search() function. The vulnerability is fixed in versions 4.4.1 and 5.0.5. No known...

CVSS: 3.8 | AI score: 6.8 | EPSS: 0.00041
Exploits: 0 | References: 3

Cvelist
added 2025/10/16 5:31 p.m., 4 views

CVE-2025-61923 PrestaShop Checkout Backoffice directory traversal allows arbitrary file disclosure

PrestaShop Checkout is the PrestaShop official payment module in partnership with PayPal. In versions prior to 4.4.1 and 5.0.5, the backoffice is missing validation on input resulting in a directory traversal and arbitrary file disclosure. The vulnerability is fixed in versions 4.4.1 and 5.0.5. N...

CVSS: 4.1 | EPSS: 0.00043
Exploits: 0 | References: 1

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2019-1116

Malware in sbrugna...

CVSS: 8.8 | AI score: 8.8 | EPSS: 0.00485
Exploits: 0 | References: 3

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2019-5224

Malware in sbrugna...

CVSS: 9.8 | AI score: 9.2 | EPSS: 0.0037
Exploits: 0 | References: 3

EUVD
added 2025/10/03 8:07 p.m., 1 view

EUVD-2023-3134

Malicious code in bioql PyPI...

CVSS: 5.4 | AI score: 5.5 | EPSS: 0.00446
Exploits: 0 | References: 4

CNNVD
added 2023/12/13 12:00 a.m., 2 views

OTCMS SQL Injection Vulnerability

OTCMS (Nettie CMS) is an article-based web content management system (CMS). A SQL injection vulnerability exists in OTCMS version 7.01. It originates from the sqlContent parameter in the file /admin/indbackstage.php, which can lead to SQL injection...

CVSS: 7.2 | AI score: 8 | EPSS: 0.00128
Exploits: 1 | References: 4