11 matches found
Improper Access Control
Prestashop/blockreassurance is vulnerable to Improper Access Control. This vulnerability exists due to the lack of configuration key checks in the ajax function of the blockreassurance module , allowing an attacker to modify sensitive information in the system...
CVE-2023-47110
CVE-2023-47110 affects PrestaShop blockreassurance; an ajax function in the module allows modifying any value in the configuration table. This is the underlying issue described across multiple sources; patched in version 5.1.4.
PT-2023-30315 · Unknown · Blockreassurance
Name of the Vulnerable Software and Affected Versions: blockreassurance versions prior to 5.1.4 Description: The issue concerns an AJAX function in the blockreassurance module that allows modification of any value in the configuration table, potentially compromising the trustworthiness of a store...
PrestaShop blockreassurance security breach
PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, short message alerts and product image zoom. A security vulnerability exists in PrestaShop blockreassurance version 5.1.3 and earlier versions, which stems...
CVE-2023-47109
PrestaShop blockreassurance adds an information block aimed at offering helpful information to reassure customers that the store is trustworthy. When adding a block in blockreassurance module, a BO user can modify the http request and give the path of any file in the project instead of an image...
Path traversal
PrestaShop blockreassurance adds an information block aimed at offering helpful information to reassure customers that the store is trustworthy. When adding a block in blockreassurance module, a BO user can modify the http request and give the path of any file in the project instead of an image...
CVE-2023-47109 PrestaShop blockreassurance BO User can remove any file from server when adding a and deleting a block
PrestaShop blockreassurance adds an information block aimed at offering helpful information to reassure customers that the store is trustworthy. When adding a block in blockreassurance module, a BO user can modify the http request and give the path of any file in the project instead of an image...
CVE-2023-47109
CVE-2023-47109 concerns PrestaShop blockreassurance. The vulnerability allows a business-operator (BO) user to modify the HTTP request during block creation and supply a file path in the project instead of an image. When the block is deleted, the referenced file is removed, and the attack may ena...
CVE-2023-47109 PrestaShop blockreassurance BO User can remove any file from server when adding a and deleting a block
PrestaShop blockreassurance adds an information block aimed at offering helpful information to reassure customers that the store is trustworthy. When adding a block in blockreassurance module, a BO user can modify the http request and give the path of any file in the project instead of an image...
CVE-2023-47109 PrestaShop blockreassurance BO User can remove any file from server when adding a and deleting a block
PrestaShop blockreassurance adds an information block aimed at offering helpful information to reassure customers that the store is trustworthy. When adding a block in blockreassurance module, a BO user can modify the http request and give the path of any file in the project instead of an image...
PrestaShop Authorization Issues Vulnerability
PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, short message alerts, and product image scaling. An authorization issue vulnerability exists in PrestaShop blockreassurance versions prior to 5.1.4. The...