2 matches found
CVE-2023-45383
In the module "SoNice etiquetage" soniceetiquetage up to version 2.5.9 from Common-Services for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. Due to a lack of permissions control and a lack of control in the path name construction...
CVE-2023-45383
CVE-2023-45383 affects the SoNice etiquetage module for PrestaShop up to version 2.5.9. A guest can perform a path traversal due to insufficient permissions checks and flawed pathname construction, enabling viewing/downloading of personal information across the information system. The Red Hat/NVD...