123 matches found
PrestaShop lgcookieslaw - SQL Injection
The EU Cookie Law GDPR Banner + Blocker PrestaShop module before 2.1.3 allows blind SQL injection via the lglaw or lgcookieslaw cookie used to store user consent choices. id: CVE-2022-44727 info: name: PrestaShop lgcookieslaw - SQL Injection author: mastercho severity: critical description: | The...
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Overview prestashop/psfacetedsearch is a PrestaShop module that adds layered navigation filters. Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' via the getFromCache function. An attacker can...
prestashop/ps_facetedsearch: PHP Object Injection in faceted search cache allows unauthenticated RCE
Impact A PHP Object Injection vulnerability affects the PrestaShop module psfacetedsearch. The module rebuilds the selected search filters from the request URL. The value of a slider filter price or weight is taken from the URL without sufficient validation, then stored in an internal filter-bloc...
CVE-2023-50027
SQL Injection vulnerability in Buy Addons baproductzoommagnifier module for PrestaShop versions 1.0.16 and before, allows remote attackers to escalate privileges and gain sensitive information via BaproductzoommagnifierZoomModuleFrontController::run method...
CVE-2023-50028
In the module "Sliding cart block" blockslidingcart up to version 2.3.8 from PrestashopModules.eu for PrestaShop, a guest can perform SQL injection...
CVE-2023-45256
Multiple SQL injection vulnerabilities in the EuroInformation MoneticoPaiement module before 1.1.1 for PrestaShop allow remote attackers to execute arbitrary SQL commands via the TPE, societe, MAC, reference, or aliascb parameter to transaction.php, validation.php, or callback.php...
CVE-2023-45386
In the module extratabspro before version 2.2.8 from MyPresta.eu for PrestaShop, a guest can perform SQL injection via extratabspro::searchcategory, extratabspro::searchproduct and extratabspro::searchmanufacturer.'...
CVE-2022-35933
This package is a PrestaShop module that allows users to post reviews and rate products. There is a vulnerability where the attacker could steal an administrator's cookie. The issue is fixed in version 5.0.2...
EUVD-2021-2192
Malware in sbrugna...
EUVD-2020-26474
Malware in sbrugna...
EUVD-2022-6598
Malicious code in bioql PyPI...
EUVD-2023-37444
Malicious code in bioql PyPI...
EUVD-2023-43356
Malicious code in bioql PyPI...
EUVD-2023-35967
Malicious code in bioql PyPI...
EUVD-2023-43353
Malicious code in bioql PyPI...
EUVD-2022-49743
Malicious code in bioql PyPI...
EUVD-2023-49678
Malicious code in bioql PyPI...
EUVD-2023-34620
Malicious code in bioql PyPI...
EUVD-2023-37819
Malicious code in bioql PyPI...
EUVD-2023-43358
Malicious code in bioql PyPI...