4 matches found
CVE-2023-43664
PrestaShop is an Open Source e-commerce web application. In the Prestashop Back office interface, an employee can list all modules without any access rights: method ajaxProcessGetPossibleHookingListForModule doesn't check access rights. This issue has been addressed in commit 15bd281c which is...
CVE-2023-43664
CVE-2023-43664 affects PrestaShop: in the Back Office, an employee can list all modules due to missing access rights check in ajaxProcessGetPossibleHookingListForModule. The root cause is improper authorization in that function. The issue is mitigated in commit 15bd281c and is included in PrestaS...
PT-2023-28909 · Unknown · Prestashop
Name of the Vulnerable Software and Affected Versions: PrestaShop versions prior to 8.1.2 Description: The issue concerns the PrestaShop Back office interface, where an employee can list all modules without any access rights due to the method ajaxProcessGetPossibleHookingListForModule not checkin...
Sitefinity Enterprise v7.2.53 - Persistent Vulnerability
Document Title: =============== Sitefinity Enterprise v7.2.53 - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1369 Release Date: ============= 2015-01-06 Vulnerability Laboratory ID VL-ID: ====================================...