5 matches found
CVE-2022-45447
M4 PDF plugin for Prestashop sites, in its 3.2.3 version and before, is vulnerable to a directory traversal vulnerability. The “f” parameter is not properly checked in the resource /m4pdf/pdf.php, returning any file given its relative path. An attacker that exploits this vulnerability could...
CVE-2022-45447
M4 PDF plugin for Prestashop sites, in its 3.2.3 version and before, is vulnerable to a directory traversal vulnerability. The “f” parameter is not properly checked in the resource /m4pdf/pdf.php, returning any file given its relative path. An attacker that exploits this vulnerability could...
CVE-2022-45447 Path Traversal in M4 PDF plugin for Prestashop sites
M4 PDF plugin for Prestashop sites, in its 3.2.3 version and before, is vulnerable to a directory traversal vulnerability. The “f” parameter is not properly checked in the resource /m4pdf/pdf.php, returning any file given its relative path. An attacker that exploits this vulnerability could...
CVE-2022-45447
The CVE-2022-45447 entry describes a directory-traversal vulnerability in the M4 PDF plugin for Prestashop (versions 3.2.3 and earlier). The flaw resides in the f parameter handling of the /m4pdf/pdf.php resource, which does not properly validate the requested relative path, enabling an attacker ...
CVE-2022-45447 Path Traversal in M4 PDF plugin for Prestashop sites
M4 PDF plugin for Prestashop sites, in its 3.2.3 version and before, is vulnerable to a directory traversal vulnerability. The “f” parameter is not properly checked in the resource /m4pdf/pdf.php, returning any file given its relative path. An attacker that exploits this vulnerability could...