EUVD-2022-48316

Malicious code in bioql PyPI...

EUVD-2022-48315

Malicious code in bioql PyPI...

CVE-2022-45448

M4 PDF plugin for Prestashop sites, in its 3.2.3 version and before, is vulnerable to an arbitrary HTML Document crafting vulnerability. The resource /m4pdf/pdf.php uses templates to dynamically create documents. In the case that the template does not exist, the application will return a fixed...

CVE-2022-45448

The CVE-2022-45448 vulnerability affects the M4 PDF plugin for Prestashop sites, versions 3.2.3 and earlier. The flaw arises in /m4pdf/pdf.php, which uses templates to generate documents; if a requested template does not exist, a fixed MPDF-formatted document is returned. An attacker can exploit ...

CVE-2022-45447

M4 PDF plugin for Prestashop sites, in its 3.2.3 version and before, is vulnerable to a directory traversal vulnerability. The “f” parameter is not properly checked in the resource /m4pdf/pdf.php, returning any file given its relative path. An attacker that exploits this vulnerability could...

Directory traversal

M4 PDF plugin for Prestashop sites, in its 3.2.3 version and before, is vulnerable to a directory traversal vulnerability. The “f” parameter is not properly checked in the resource /m4pdf/pdf.php, returning any file given its relative path. An attacker that exploits this vulnerability could...

CVE-2022-45447 Path Traversal in M4 PDF plugin for Prestashop sites

M4 PDF plugin for Prestashop sites, in its 3.2.3 version and before, is vulnerable to a directory traversal vulnerability. The “f” parameter is not properly checked in the resource /m4pdf/pdf.php, returning any file given its relative path. An attacker that exploits this vulnerability could...

CVE-2022-45447

The CVE-2022-45447 entry describes a directory-traversal vulnerability in the M4 PDF plugin for Prestashop (versions 3.2.3 and earlier). The flaw resides in the f parameter handling of the /m4pdf/pdf.php resource, which does not properly validate the requested relative path, enabling an attacker ...

PT-2023-14671 · Prestashop · M4 Pdf Plugin

Name of the Vulnerable Software and Affected Versions: M4 PDF plugin for Prestashop sites versions 3.2.3 and before Description: The M4 PDF plugin for Prestashop sites is vulnerable to an arbitrary HTML Document crafting vulnerability. The resource "/m4pdf/pdf.php" uses templates to dynamically...

Prestashop Path Traversal Vulnerability

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The program provides a variety of payment methods, short message alerts and product image zoom and other features. Prestashop plugin M4 PDF 3.2.3 and previous versions of a security vulnerability , the...