CVE-2024-33266

SQL Injection vulnerability in Helloshop deliveryorderautoupdate v.2.8.1 and before allows an attacker to run arbitrary SQL commands via the DeliveryorderautoupdateOrdersModuleFrontController::initContent function...

CVE-2023-23315

The PrestaShop e-commerce platform module stripejs contains a Blind SQL injection vulnerability up to version 4.5.5. The method stripejsValidationModuleFrontController::initContent has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection...

PT-2024-27127 · Prestashop · Products Alert

Name of the Vulnerable Software and Affected Versions: PrestaShop module "Products Alert" productsalert versions prior to 1.7.4 Description: The issue allows attackers to obtain sensitive information and cause other impacts via the ProductsAlertAjaxProcessModuleFrontController::initContent method...

PrestaShop Security Breach

PrestaShop is an open source e-commerce solution from the American company PrestaShop. The solution offers multiple payment methods, short message alerts and product image zoom. A security vulnerability exists in PrestaShop productsalert prior to version 1.7.4, which stems from sensitive...

PT-2024-25177 · Unknown · Helloshop Deliveryorderautoupdate

Name of the Vulnerable Software and Affected Versions: Helloshop deliveryorderautoupdate versions 2.8.1 and earlier Description: The issue allows an attacker to run arbitrary SQL commands via the DeliveryorderautoupdateOrdersModuleFrontController::initContent function. This enables the execution ...

CVE-2023-40922

kerawen before v2.5.1 was discovered to contain a SQL injection vulnerability via the ocsidcart parameter at KerawenDeliveryModuleFrontController::initContent...

CVE-2023-39641

Active Design psaffiliate before v1.9.8 was discovered to contain a SQL injection vulnerability via the component PsaffiliateGetaffiliatesdetailsModuleFrontController::initContent...

Active Design psaffiliate SQL Injection Vulnerability

Active Design psaffiliate is an application from Active Design. A security vulnerability exists in Active Design psaffiliate versions prior to v1.9.8, which stems from the component PsaffiliateGetaffiliatesdetailsModuleFrontController::initContent that contains an SQL injection vulnerability...

PT-2023-22574 · Prestashop · Prestashop Cdesigner

Name of the Vulnerable Software and Affected Versions: PrestaShop cdesigner versions prior to 3.1.9 Description: The issue is related to SQL Injection via the CdesignerTraitementModuleFrontController::initContent function. Recommendations: For versions prior to 3.1.9, update to version 3.1.9 or...

PT-2023-20909 · Unknown +1 · Prestashop +1

Name of the Vulnerable Software and Affected Versions: Prestashop cdesigner versions 3.1.3 through 3.1.8 Description: A code injection issue was found in the component CdesignerSaverotateModuleFrontController::initContent. This allows for code injection, potentially leading to unauthorized access...

PrestaShop cdesigner 代码问题漏洞

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, short message alerts and product image scaling. A security vulnerability exists in PrestaShop cdesigner version v3.1.3 through v3.1.8, which originates from...

CVE-2023-23315

The PrestaShop e-commerce platform module stripejs contains a Blind SQL injection vulnerability up to version 4.5.5. The method stripejsValidationModuleFrontController::initContent has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection...