15 matches found
EUVD-2014-2060
Malware in sbrugna...
CVE-2014-2009
The mPAY24 payment module before 1.6 for PrestaShop allows remote attackers to obtain credentials, the installation path, and other sensitive information via a direct request to api/curllog.log...
CVE-2014-2008
SQL injection vulnerability in confirm.php in the mPAY24 payment module before 1.6 for PrestaShop allows remote attackers to execute arbitrary SQL commands via the TID parameter...
Sql injection
SQL injection vulnerability in confirm.php in the mPAY24 payment module before 1.6 for PrestaShop allows remote attackers to execute arbitrary SQL commands via the TID parameter...
CVE-2014-2009
The mPAY24 payment module before 1.6 for PrestaShop allows remote attackers to obtain credentials, the installation path, and other sensitive information via a direct request to api/curllog.log...
Information disclosure
The mPAY24 payment module before 1.6 for PrestaShop allows remote attackers to obtain credentials, the installation path, and other sensitive information via a direct request to api/curllog.log...
CVE-2014-2008
SQL injection vulnerability in confirm.php in the mPAY24 payment module before 1.6 for PrestaShop allows remote attackers to execute arbitrary SQL commands via the TID parameter...
CVE-2014-2009
The mPAY24 payment module before 1.6 for PrestaShop allows remote attackers to obtain credentials, the installation path, and other sensitive information via a direct request to api/curllog.log...
CVE-2014-2008
SQL injection vulnerability in confirm.php in the mPAY24 payment module before 1.6 for PrestaShop allows remote attackers to execute arbitrary SQL commands via the TID parameter...
CVE-2014-2008
Summary: CVE-2014-2008 is a SQL injection vulnerability in the mPAY24 PrestaShop payment module (prior to 1.6) where the TID parameter permits remote attackers to inject and execute arbitrary SQL commands. This can lead to information disclosure and potential data manipulation. Affected software:...
CVE-2014-2009
The CVE-2014-2009 entry concerns the mPAY24 payment module for PrestaShop prior to version 1.6. A vulnerability allows remote attackers to obtain credentials, installation path, and other sensitive information via a direct request to api/curllog.log. This is described as an information-disclosure...
Mpay24 PrestaShop Payment Module 1.5 - Multiple Vulnerabilities
Mpay24 PrestaShop Payment Module Multiple Vulnerabilities - · Affected Vendor: Mpay24 - · Affected Software: Mpay24 Payment Module - · Affected Version: 1.5 and earlier - · Issue Type: SQL injection and information disclosure - · Notification Date: 10 February 2014 - · Release Date: 03 September...
Mpay24 PrestaShop Payment Module 1.5 - Multiple Vulnerabilities
Mpay24 PrestaShop Payment Module 1.5 - Multiple Vulnerabilities Mpay24 PrestaShop Payment Module Multiple Vulnerabilities - · Affected Vendor: Mpay24 - · Affected Software: Mpay24 Payment Module - · Affected Version: 1.5 and earlier - · Issue Type: SQL injection and information disclosure - ·...
Mpay24 Payment Module 1.5 Information Disclosure / SQL Injection Mpay24 Payment Module 1.5 Informat
Mpay24 Payment Module versions 1.5 and below suffer from information disclosure and remote SQL injection vulnerabilities. Mpay24 PrestaShop Payment Module Multiple Vulnerabilities - · Affected Vendor: Mpay24 - · Affected Software: Mpay24 Payment Module - · Affected Version: 1.5 and earlier - ·...
Mpay24 Payment Module 1.5 Information Disclosure / SQL Injection
Mpay24 PrestaShop Payment Module Multiple Vulnerabilities - · Affected Vendor: Mpay24 - · Affected Software: Mpay24 Payment Module - · Affected Version: 1.5 and earlier - · Issue Type: SQL injection and information disclosure - · Notification Date: 10 February 2014 - · Release Date: 03 September...