4 matches found
CVE-2020-9368
The Module Olea Gift On Order module through 5.0.8 for PrestaShop enables an unauthenticated user to read arbitrary files on the server via getfile.php?file=/.. directory traversal...
CVE-2020-9368
creationtimestamp| type| source ---|---|--- 2020-11-03 00:45:10+00:00| seen| https://t.me/cibsecurity/15789...
CVE-2020-9368
The Module Olea Gift On Order module through 5.0.8 for PrestaShop enables an unauthenticated user to read arbitrary files on the server via getfile.php?file=/.. directory traversal...
CVE-2020-9368
The CVE-2020-9368 issue affects PrestaShop’s Olea Gift On Order module up to version 5.0.8. The vulnerability is a directory traversal in getfile.php that allows an unauthenticated attacker to read arbitrary server files by requesting getfile.php?file=../../… The root cause is a path-traversal fl...