17 matches found
CVE-2024-24307
Path Traversal vulnerability in Tunis Soft "Product Designer" productdesigner module for PrestaShop before version 1.178.36, allows a remote attacker to escalate privileges and obtain sensitive information via the ajaxProcessCropImage method...
CVE-2024-26469
Server-Side Request Forgery SSRF vulnerability in Tunis Soft "Product Designer" productdesigner module for PrestaShop before version 1.178.36, allows remote attackers to cause a denial of service DoS and escalate privileges via the url parameter in the postProcess method...
CVE-2024-24302
An issue was discovered in Tunis Soft "Product Designer" productdesigner module for PrestaShop before version 1.178.36, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via the postProcess method...
CVE-2024-26469
Server-Side Request Forgery SSRF vulnerability in Tunis Soft "Product Designer" productdesigner module for PrestaShop before version 1.178.36, allows remote attackers to cause a denial of service DoS and escalate privileges via the url parameter in the postProcess method...
CVE-2024-24302
An issue was discovered in Tunis Soft "Product Designer" productdesigner module for PrestaShop before version 1.178.36, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via the postProcess method...
Design/Logic Flaw
An issue was discovered in Tunis Soft "Product Designer" productdesigner module for PrestaShop before version 1.178.36, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via the postProcess method...
CVE-2024-24307
Path Traversal vulnerability in Tunis Soft "Product Designer" productdesigner module for PrestaShop before version 1.178.36, allows a remote attacker to escalate privileges and obtain sensitive information via the ajaxProcessCropImage method...
CVE-2024-24307
Path Traversal vulnerability in Tunis Soft "Product Designer" productdesigner module for PrestaShop before version 1.178.36, allows a remote attacker to escalate privileges and obtain sensitive information via the ajaxProcessCropImage method...
Path traversal
Path Traversal vulnerability in Tunis Soft "Product Designer" productdesigner module for PrestaShop before version 1.178.36, allows a remote attacker to escalate privileges and obtain sensitive information via the ajaxProcessCropImage method...
CVE-2024-26469
Server-Side Request Forgery SSRF vulnerability in Tunis Soft "Product Designer" productdesigner module for PrestaShop before version 1.178.36, allows remote attackers to cause a denial of service DoS and escalate privileges via the url parameter in the postProcess method...
CVE-2024-24302
An issue was discovered in Tunis Soft "Product Designer" productdesigner module for PrestaShop before version 1.178.36, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via the postProcess method...
CVE-2024-24307
CVE-2024-24307 describes a Path Traversal in the PrestaShop Product Designer module (productdesigner) for PrestaShop, before version 1.178.36. The vulnerability exists in the ajaxProcessCropImage() method and can let an unauthenticated or remote attacker escalate privileges and access sensitive i...
CVE-2024-24307
Path Traversal vulnerability in Tunis Soft "Product Designer" productdesigner module for PrestaShop before version 1.178.36, allows a remote attacker to escalate privileges and obtain sensitive information via the ajaxProcessCropImage method...
CVE-2024-26469
Summary of CVE-2024-26469 : A Server-Side Request Forgery (SSRF) vulnerability exists in Tunis Soft’s PrestaShop productmodule “Product Designer” (productdesigner) before version 1.178.36. The root cause is an unsafe handling of the url parameter in the postProcess() method, enabling remote attac...
CVE-2024-24307
Path Traversal vulnerability in Tunis Soft "Product Designer" productdesigner module for PrestaShop before version 1.178.36, allows a remote attacker to escalate privileges and obtain sensitive information via the ajaxProcessCropImage method...
CVE-2024-24302
The CVE-2024-24302 affects Tunis Soft’s Product Designer module for PrestaShop prior to version 1.178.36. The issue allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information through the postProcess() method. Root cause details are not explicitly desc...
CVE-2024-24302
An issue was discovered in Tunis Soft "Product Designer" productdesigner module for PrestaShop before version 1.178.36, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via the postProcess method...