CVE-2025-61922

PrestaShop Checkout is the PrestaShop official payment module in partnership with PayPal. Starting in version 1.3.0 and prior to versions 4.4.1 and 5.0.5, missing validation on the Express Checkout feature allows silent login, enabling account takeover via email. The vulnerability is fixed in...

EUVD-2025-34790

PrestaShop Checkout allows customer account takeover via email...

GHSA-54HQ-MF6H-48XH PrestaShop Checkout allows customer account takeover via email

Impact Missing validation on Express Checkout feature allows silent log-in Affected versions The issue was introduced in PrestaShop Checkout 1.3.0 . All versions above 1.3.0 are vulnerable except of course the patch versions published on 16/10/2025: 7.4.4.1, 8.4.4.1, 7.5.0.5, 8.5.0.5, 9.5.0.5...

CVE-2025-61922

PrestaShop Checkout is the PrestaShop official payment module in partnership with PayPal. Starting in version 1.3.0 and prior to versions 4.4.1 and 5.0.5, missing validation on the Express Checkout feature allows silent login, enabling account takeover via email. The vulnerability is fixed in...

CVE-2025-61922

PrestaShop Checkout (ps_checkout) vulnerability CVE-2025-61922 allows unauthenticated, zero-click account takeover by knowing the victim’s email. Affected versions are prior to 4.4.1 and 5.0.5; patches exist and fix is in 4.4.1 (for PrestaShop 1.7 and 8) and 5.0.5 (for 1.7, 8, and 9). Public expl...

PT-2025-42514

Name of the Vulnerable Software and Affected Versions PrestaShop Checkout versions 1.3.0 through 4.4.0 PrestaShop Checkout versions 5.0.0 through 5.0.4 Description The PrestaShop Checkout module, used in partnership with PayPal, contains a flaw in the Express Checkout feature. Missing validation...

Google Chrome Silent HTTP Authentication

Exploit for multiple platform in category dos / poc VULNERABILITY DETAILS The latest version of Google Chrome Tested on Version 24.0.1312.57 fails to properly recognize HTTP Basic Authentication when injected in various HTML tags. As a result of this behavior Chrome will not alert the user when...

Google Chrome - Silent HTTP Authentication

Google Chrome - Silent HTTP Authentication Exploit Title: Google Chrome Silent HTTP Authentication Date: 2-5-2013 Exploit Author: T355 Vendor Homepage: http://www.google.com/chrome Version: 24.0.1312.57 Tested on: Tested on: Windows 7 & Mac OSX Mountain Lion CVE : n/a VULNERABILITY DETAILS The...

Google Chrome - Silent HTTP Authentication

Exploit Title: Google Chrome Silent HTTP Authentication Date: 2-5-2013 Exploit Author: T355 Vendor Homepage: http://www.google.com/chrome Version: 24.0.1312.57 Tested on: Tested on: Windows 7 & Mac OSX Mountain Lion CVE : n/a VULNERABILITY DETAILS The latest version of Google Chrome Tested on...