Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-2915

Malicious code in bioql PyPI...

8.1CVSS8AI score0.00771EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/23 4:34 a.m.9 views

CVE-2023-47110

blockreassurance adds an information block aimed at offering helpful information to reassure customers that their store is trustworthy. An ajax function in module blockreassurance allows modifying any value in the configuration table. This vulnerability has been patched in version 5.1.4...

9.1CVSS6.4AI score0.00418EPSS
Exploits0References1
Veracode
Veracode
added 2023/11/10 6:39 a.m.24 views

Improper Access Control

Prestashop/blockreassurance is vulnerable to Improper Access Control. This vulnerability exists due to the lack of configuration key checks in the ajax function of the blockreassurance module , allowing an attacker to modify sensitive information in the system...

9.1CVSS6.6AI score0.00418EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/11/09 3:24 p.m.33 views

CVE-2023-47110 Any value can be changed in the configuration table by an employee having access to block reassurance module

blockreassurance adds an information block aimed at offering helpful information to reassure customers that their store is trustworthy. An ajax function in module blockreassurance allows modifying any value in the configuration table. This vulnerability has been patched in version 5.1.4...

9.1CVSS9.3AI score0.00418EPSS
Exploits0References1
CVE
CVE
added 2023/11/09 3:24 p.m.60 views

CVE-2023-47110

CVE-2023-47110 affects PrestaShop blockreassurance; an ajax function in the module allows modifying any value in the configuration table. This is the underlying issue described across multiple sources; patched in version 5.1.4.

9.1CVSS6.9AI score0.00418EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/11/09 12:0 a.m.4 views

PrestaShop blockreassurance security breach

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, short message alerts and product image zoom. A security vulnerability exists in PrestaShop blockreassurance version 5.1.3 and earlier versions, which stems...

9.1CVSS6.8AI score0.00418EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/11/09 12:0 a.m.5 views

PT-2023-30315 · Unknown · Blockreassurance

Name of the Vulnerable Software and Affected Versions: blockreassurance versions prior to 5.1.4 Description: The issue concerns an AJAX function in the blockreassurance module that allows modification of any value in the configuration table, potentially compromising the trustworthiness of a store...

9.1CVSS6AI score0.00418EPSS
Exploits0References9
NVD
NVD
added 2023/11/08 10:15 p.m.13 views

CVE-2023-47109

PrestaShop blockreassurance adds an information block aimed at offering helpful information to reassure customers that the store is trustworthy. When adding a block in blockreassurance module, a BO user can modify the http request and give the path of any file in the project instead of an image...

8.1CVSS0.00771EPSS
Exploits0References4
Prion
Prion
added 2023/11/08 10:15 p.m.20 views

Path traversal

PrestaShop blockreassurance adds an information block aimed at offering helpful information to reassure customers that the store is trustworthy. When adding a block in blockreassurance module, a BO user can modify the http request and give the path of any file in the project instead of an image...

5.5CVSS6.7AI score0.00771EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2023/11/08 9:37 p.m.15 views

CVE-2023-47109 PrestaShop blockreassurance BO User can remove any file from server when adding a and deleting a block

PrestaShop blockreassurance adds an information block aimed at offering helpful information to reassure customers that the store is trustworthy. When adding a block in blockreassurance module, a BO user can modify the http request and give the path of any file in the project instead of an image...

5.5CVSS6.5AI score0.00771EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/11/08 9:37 p.m.36 views

CVE-2023-47109 PrestaShop blockreassurance BO User can remove any file from server when adding a and deleting a block

PrestaShop blockreassurance adds an information block aimed at offering helpful information to reassure customers that the store is trustworthy. When adding a block in blockreassurance module, a BO user can modify the http request and give the path of any file in the project instead of an image...

5.5CVSS8.1AI score0.00771EPSS
Exploits0References4
CVE
CVE
added 2023/11/08 9:37 p.m.63 views

CVE-2023-47109

CVE-2023-47109 concerns PrestaShop blockreassurance. The vulnerability allows a business-operator (BO) user to modify the HTTP request during block creation and supply a file path in the project instead of an image. When the block is deleted, the referenced file is removed, and the attack may ena...

8.1CVSS6.5AI score0.00771EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2023/11/08 9:37 p.m.26 views

CVE-2023-47109 PrestaShop blockreassurance BO User can remove any file from server when adding a and deleting a block

PrestaShop blockreassurance adds an information block aimed at offering helpful information to reassure customers that the store is trustworthy. When adding a block in blockreassurance module, a BO user can modify the http request and give the path of any file in the project instead of an image...

5.5CVSS7.6AI score0.00771EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2023/11/08 5:53 p.m.26 views

PrestaShop blockreassurance BO User can remove any file from server when adding a and deleting a block

Impact When adding a block in blockreassurance module, a BO user can modify the http request and give the path of any file in the project instead of an image. When deleting the block from the BO, the file will be deleted. It is possible to make the website completely unavailable by removing...

8.1CVSS7.1AI score0.00771EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2023/11/08 5:53 p.m.29 views

GHSA-83J2-QHX2-P7JC PrestaShop blockreassurance BO User can remove any file from server when adding a and deleting a block

Impact When adding a block in blockreassurance module, a BO user can modify the http request and give the path of any file in the project instead of an image. When deleting the block from the BO, the file will be deleted. It is possible to make the website completely unavailable by removing...

5.5CVSS6.4AI score0.00771EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/11/08 12:0 a.m.4 views

PrestaShop Authorization Issues Vulnerability

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, short message alerts, and product image scaling. An authorization issue vulnerability exists in PrestaShop blockreassurance versions prior to 5.1.4. The...

8.1CVSS6.8AI score0.00771EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/11/08 12:0 a.m.5 views

PT-2023-30314 · Unknown · Prestashop

Name of the Vulnerable Software and Affected Versions: PrestaShop versions prior to 5.1.4 Description: The issue affects the blockreassurance module in PrestaShop, which is designed to offer helpful information to reassure customers about the store's trustworthiness. A back-office BO user can...

8.1CVSS7.8AI score0.00771EPSS
Exploits0References10
Rows per page
Query Builder