14 matches found
CVE-2023-45377
In the module "Chronopost Official" chronopost for PrestaShop, a guest can perform SQL injection. The script PHP cancelSkybill.php own a sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection...
EUVD-2023-49669
Malicious code in bioql PyPI...
CVE-2023-45377
In the module "Chronopost Official" chronopost for PrestaShop, a guest can perform SQL injection. The script PHP cancelSkybill.php own a sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection...
CVE-2023-45377
In the module "Chronopost Official" chronopost for PrestaShop, a guest can perform SQL injection. The script PHP cancelSkybill.php own a sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection...
Sql injection
In the module "Chronopost Official" chronopost for PrestaShop, a guest can perform SQL injection. The script PHP cancelSkybill.php own a sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection...
CVE-2023-45377
In the module "Chronopost Official" chronopost for PrestaShop, a guest can perform SQL injection. The script PHP cancelSkybill.php own a sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection...
CVE-2023-45377
In the module "Chronopost Official" chronopost for PrestaShop, a guest can perform SQL injection. The script PHP cancelSkybill.php own a sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection...
PrestaShop Chronopost Official Security Breach
PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution offers multiple payment methods, short message alerts, and product image zoom, among other features. A security vulnerability exists in PrestaShop Chronopost Official. An attacker can exploit...
PT-2023-29534 · Prestashop · Chronopost Official
Name of the Vulnerable Software and Affected Versions: PrestaShop module "Chronopost Official" chronopost affected versions not specified Description: The issue allows a guest to perform SQL injection in the "Chronopost Official" module for PrestaShop. The PHP script cancelSkybill.php contains...
CVE-2023-45377
The CVE-2023-45377 issue affects the PrestaShop Chronopost Official module (chronopost). The vulnerability allows a guest to perform SQL injection via the PHP script cancelSkybill.php, which contains sensitive SQL calls that can be triggered with a simple HTTP request. The described impact is hig...
chronopost.fr XSS vulnerability
Vulnerable URL: http://www.chronopost.fr/tracking-no-cms/suivi-page?listeNumerosLT=%22confirm%27openbugbounty%27%22=frFR Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 14310 VIP website status:| Yes Check...
chronopost.fr XSS vulnerability
Vulnerable URL: http://www.chronopost.fr/fr/chronosuivisearch?listeNumerosLT=sdda〈=fr'-confirm'OPENBUGBOUNTY'-'=buildid=form-oPjTzq0dUqO4GOVKc6u3cdYOCExM-JPRuic1uO1yzcid=chronosuivicolisblockformKNOXSS Details: Description| Value ---|--- Patched:| Yes, at 28.07.2017 Latest check for patch:|...
services.chronopost.pt XSS vulnerability
Vulnerable URL: https://services.chronopost.pt/followmyparcel/?parcel=asdasd%27;%20alert%27OPENBUGBOUNTY%27;%20x=%271 Details: Description| Value ---|--- Patched:| Yes, at 05.04.2017 Latest check for patch:| 05.04.2017 11:56 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...
scplanning.chronopost.fr XSS vulnerability
Vulnerable URL: http://scplanning.chronopost.fr/supv/help/advanced/workingSet.jsp?operation=%22%22%22%22aaaa%3C/script%3E%3E%3Cimg%20src=x%20onerror=prompt/OPENBUGBOUNTY/%3E%3E= Details: Description| Value ---|--- Patched:| No Latest check for patch:| 07.09.2017 Vulnerability type:| XSS...