Lucene search
K

9 matches found

OSV
OSV
added 2024/03/03 9:15 a.m.4 views

CVE-2024-25847

SQL Injection vulnerability in MyPrestaModules "Product Catalog CSV, Excel Import" simpleimportproduct modules for PrestaShop versions 6.5.0 and before, allows attackers to escalate privileges and obtain sensitive information via Send::construct and importProducts::addDataToDb methods...

9.8CVSS5.8AI score0.00532EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/03 12:0 a.m.17 views

CVE-2024-25847

SQL Injection vulnerability in MyPrestaModules "Product Catalog CSV, Excel Import" simpleimportproduct modules for PrestaShop versions 6.5.0 and before, allows attackers to escalate privileges and obtain sensitive information via Send::construct and importProducts::addDataToDb methods...

7.8AI score0.00532EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/03/03 12:0 a.m.5 views

PrestaShop Security Breach

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution offers multiple payment methods, SMS alerts and product image zoom. A security vulnerability exists in PrestaShop Product Catalog CSV, Excel Import prior to version 6.5.0, which stems from a...

9.8CVSS6.6AI score0.00532EPSS
Exploits0References2
OSV
OSV
added 2024/02/27 5:15 p.m.3 views

CVE-2024-25846

In the module "Product Catalog CSV, Excel Import" simpleimportproduct = 6.7.0 from MyPrestaModules for PrestaShop, a guest can upload files with extensions .php...

9.1CVSS5.8AI score0.00789EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/02/27 12:0 a.m.15 views

CVE-2024-25846

In the module "Product Catalog CSV, Excel Import" simpleimportproduct = 6.7.0 from MyPrestaModules for PrestaShop, a guest can upload files with extensions .php...

7AI score0.00789EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/02/27 12:0 a.m.9 views

PrestaShop Security Breach

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, short message alerts and product image scaling. A security vulnerability exists in PrestaShop simpleimportproduct 6.7.0 and earlier versions, which stems fr...

9.1CVSS6.9AI score0.00789EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2024/01/10 12:0 a.m.7 views

The vulnerability of the catalog-import function of the online software development platform Red Hat Developer Hub allows a hacker to disclose protected information.

The vulnerability of the catalog-import function on the online software development platform Red Hat Developer Hub is related to the lack of protection for operational data. Exploiting this vulnerability could allow a malicious actor to disclose the protected information remotely...

8.5CVSS6AI score0.00561EPSS
Exploits0References4
OSV
OSV
added 2024/01/04 10:15 a.m.12 views

CVE-2023-6944

A flaw was found in the Red Hat Developer Hub RHDH. The catalog-import function leaks GitLab access tokens on the frontend when the base64 encoded GitLab token includes a newline at the end of the string. The sanitized error can display on the frontend, including the raw access token. Upon gainin...

5.7CVSS5.5AI score0.00561EPSS
Exploits0References3
OSV
OSV
added 2018/08/14 4:29 p.m.4 views

CVE-2018-2449

SAP SRM MDM Catalog versions 3.73, 7.31, 7.32 in SAP NetWeaver 7.3 - import functionality does not perform authentication checks for valid repository user. This is an unauthenticated functionality that you can use on windows machines to do SMB relaying...

8.6CVSS5.8AI score0.0162EPSS
Exploits0References3
Rows per page
Query Builder