Lucene search
K

4 matches found

NVD
NVD
added 2018/11/19 12:29 a.m.20 views

CVE-2018-19355

modules/orderfiles/ajax/upload.php in the Customer Files Upload addon 2018-08-01 for PrestaShop 1.5 through 1.7 allows remote attackers to execute arbitrary code by uploading a php file via modules/orderfiles/upload.php with auptype equal to product for upload destinations under...

9.8CVSS9.8AI score0.03496EPSS
Exploits1References1
OSV
OSV
added 2018/11/19 12:29 a.m.19 views

CVE-2018-19355

modules/orderfiles/ajax/upload.php in the Customer Files Upload addon 2018-08-01 for PrestaShop 1.5 through 1.7 allows remote attackers to execute arbitrary code by uploading a php file via modules/orderfiles/upload.php with auptype equal to product for upload destinations under...

9.8CVSS8AI score0.03496EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/11/19 12:0 a.m.22 views

CVE-2018-19355

modules/orderfiles/ajax/upload.php in the Customer Files Upload addon 2018-08-01 for PrestaShop 1.5 through 1.7 allows remote attackers to execute arbitrary code by uploading a php file via modules/orderfiles/upload.php with auptype equal to product for upload destinations under...

9.8AI score0.03496EPSS
Exploits1References1
CVE
CVE
added 2018/11/19 12:0 a.m.51 views

CVE-2018-19355

CVE-2018-19355 affects the PrestaShop Customer Files Upload addon (version 2018-08-01) with a flaw in modules/orderfiles/ajax/upload.php. An attacker can upload a PHP file via modules/orderfiles/upload.php using auptype values (product, order, or cart) to endpoints under modules/productfiles, mod...

9.8CVSS9.8AI score0.03496EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder