CVE-2024-28390

An issue in Advanced Plugins ultimateimagetool module for PrestaShop before v.2.2.01, allows a remote attacker to escalate privileges and obtain sensitive information via Improper Access Control...

PrestaShop Security Breach

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution offers multiple payment methods, short message alerts and product image scaling. A security vulnerability exists in PrestaShop ultimateimagetool versions prior to 2.2.01, which originated fro...

CVE-2024-28390

CVE-2024-28390 affects the Advanced Plugins ultimateimagetool module for PrestaShop prior to version 2.2.01. The issue permits a remote attacker to escalate privileges and access sensitive information due to improper access control in the module. Evidence from multiple sources confirms the vulner...

PT-2024-22410 · Unknown +1 · Prestashop +1

Name of the Vulnerable Software and Affected Versions: Advanced Plugins ultimateimagetool module for PrestaShop versions prior to 2.2.01 Description: An issue in the ultimateimagetool module allows a remote attacker to escalate privileges and obtain sensitive information via Improper Access...

CVE-2024-28390

An issue in Advanced Plugins ultimateimagetool module for PrestaShop before v.2.2.01, allows a remote attacker to escalate privileges and obtain sensitive information via Improper Access Control...

CVE-2023-30200

In the module “Image: WebP, Compress, Zoom, Lazy load, Alt & More” ultimateimagetool in versions up to 2.1.02 from Advanced Plugins for PrestaShop, a guest can download personal informations without restriction by performing a path traversal attack...