6 matches found
CVE-2024-25842
CVE-2024-25842 affects the PrestaWorld Prestasalesmanager module used with PrestaShop up to version 9.0. The issue allows remote attackers to escalate privileges and access sensitive information via the uploadLogo() and postProcess() methods in the module. Concrete details across multiple sources...
CVE-2024-25842
An issue was discovered in Presta World "Account Manager - Sales Representative & Dealers - CRM" prestasalesmanager module for PrestaShop before version 9.0, allows remote attackers to escalate privilege and obtain sensitive information via the uploadLogo and postProcess methods...
CVE-2024-25842
An issue was discovered in Presta World "Account Manager - Sales Representative & Dealers - CRM" prestasalesmanager module for PrestaShop before version 9.0, allows remote attackers to escalate privilege and obtain sensitive information via the uploadLogo and postProcess methods...
CVE-2024-25840
In the module "Account Manager | Sales Representative & Dealers | CRM" prestasalesmanager up to 9.0 from Presta World for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack...
Path traversal
In the module "Account Manager | Sales Representative & Dealers | CRM" prestasalesmanager up to 9.0 from Presta World for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack...
CVE-2024-25840
In the module "Account Manager | Sales Representative & Dealers | CRM" prestasalesmanager up to 9.0 from Presta World for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack...