Lucene search
K

55 matches found

Cvelist
Cvelist
added 2022/08/29 12:0 a.m.41 views

CVE-2022-22897

A SQL injection vulnerability in the productalloneimg and imageproduct parameters of the ApolloTheme AP PageBuilder component through 2.4.4 for PrestaShop allows unauthenticated attackers to exfiltrate database data...

10AI score0.10814EPSS
Exploits3References2
CVE
CVE
added 2022/08/29 12:0 a.m.186 views

CVE-2022-22897

CVE-2022-22897 describes a SQL injection in the ApolloTheme AP PageBuilder for PrestaShop up to version 2.4.4, affecting the parameters product_all_one_img and image_product . Unauthenticated attackers could exfiltrate database data by exploiting this vulnerability. The NVD/Nuclei entries confirm...

9.8CVSS9.8AI score0.10814EPSS
In wildExploits3References2Affected Software1
CNNVD
CNNVD
added 2022/08/25 12:0 a.m.6 views

PrestaShop Ap Pagebuilder SQL注入漏洞

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, short message alerts, and product image zoom. A security vulnerability exists in PrestaShop Ap Pagebuilder 2.4.4 and earlier versions...

9.8CVSS5.6AI score0.10814EPSS
Exploits3References4
0day.today
0day.today
added 2022/08/25 12:0 a.m.357 views

PrestaShop Ap Pagebuilder 2.4.4 SQL Injection Vulnerability

Exploit Title: AP PAGEBUILDER Prestashop module = 2.4.4 'productalloneimg' , 'imageproduct' Blind SQL Injection Exploit Author: Mohamed Ali Hammami Vendor Homepage: https://apollotheme.com/ Software Link : https://apollotheme.com/products/ap-pagebuilder-prestashop-module Version: 2.4.4 Tested on:...

9.8CVSS0.5AI score0.10814EPSS
Exploits3
Github Security Blog
Github Security Blog
added 2022/05/24 5:0 p.m.40 views

Magento 2 Community Edition RCE Vulnerability

A remote code execution vulnerability exists in Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An unauthenticated user can insert a malicious payload through PageBuilder template methods...

9.8CVSS8AI score0.02474EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2022/05/24 5:0 p.m.17 views

GHSA-VPG9-GQ7J-MXQG Magento 2 Community Edition RCE Vulnerability

A remote code execution vulnerability exists in Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An unauthenticated user can insert a malicious payload through PageBuilder template methods...

9.8CVSS9.7AI score0.02474EPSS
Exploits0References5
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.8 views

WordPress Magic Content for Siteorigins Pagebuilder plugin <= 1.0.1 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Magic Content for Siteorigins Pagebuilder plugin versions = 1.0.1. Solution No patched version available...

2.3AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.13 views

WordPress Pootle Pagebuilder – WordPress Page builder plugin <= 5.7.0 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Pootle Pagebuilder – WordPress Page builder plugin versions = 5.7.0. Solution Update the WordPress Pootle Pagebuilder – WordPress Page builder plugin to the latest available version at least 5.7.1...

2.5AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.12 views

WordPress Pootle Pagebuilder – WordPress Page builder plugin <= 5.7.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Pootle Pagebuilder – WordPress Page builder plugin versions = 5.7.0. Solution Update the WordPress Pootle Pagebuilder – WordPress Page builder plugin to the latest available version at least 5.7.1...

4AI score
Exploits0References2Affected Software1
NVD
NVD
added 2019/11/06 12:15 a.m.21 views

CVE-2019-8144

A remote code execution vulnerability exists in Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An unauthenticated user can insert a malicious payload through PageBuilder template methods...

9.8CVSS9.7AI score0.02474EPSS
Exploits0References1
OSV
OSV
added 2019/11/06 12:15 a.m.20 views

CVE-2019-8144

A remote code execution vulnerability exists in Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An unauthenticated user can insert a malicious payload through PageBuilder template methods...

9.8CVSS7.6AI score
Exploits0References1
Prion
Prion
added 2019/11/06 12:15 a.m.20 views

Remote code execution

A remote code execution vulnerability exists in Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An unauthenticated user can insert a malicious payload through PageBuilder template methods...

7.5CVSS9.6AI score0.02474EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/11/05 11:30 p.m.160 views

CVE-2019-8144

Magento 2.3 (before 2.3.3 or 2.3.2-p1) is affected by a remote code execution vulnerability via PageBuilder template methods. An unauthenticated attacker can supply a payload to achieve RCE. Mitigation is to apply the Magento security patch 2.3.3 (and 2.2.10) as cited in security advisories; no e...

9.8CVSS9.6AI score0.02474EPSS
Exploits0References1Affected Software1
Friends Of PHP
Friends Of PHP
added 2019/10/08 12:0 a.m.39 views

PRODSECBUG-2392: Cross-Site Scripting via PageBuilder Banner

More info at https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update...

4.8CVSS7.2AI score0.00552EPSS
Exploits0Affected Software1
Friends Of PHP
Friends Of PHP
added 2019/10/08 12:0 a.m.44 views

PRODSECBUG-2403: Remote code execution through crafted PageBuilder templates

More info at https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update...

9.8CVSS7.2AI score0.02474EPSS
Exploits0Affected Software1
Rows per page
Query Builder