2 matches found
CVE-2023-45382
The CVE-2023-45382 entry concerns the SoNice Retour module for PrestaShop (up to version 2.1.0) from Common-Services. A guest can perform a path traversal due to insufficient permissions checks and flawed path-name construction, allowing unauthorized viewing/download of personal information acros...
CVE-2023-45382
In the module "SoNice Retour" soniceretour up to version 2.1.0 from Common-Services for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. Due to a lack of permissions control and a lack of control in the path name construction, a gues...