Skip to main content

Ap Pagebuilder

3 CVEs product

Monthly

CVE-2024-6648 HIGH This Week

Absolute Path Traversal vulnerability in AP Page Builder versions prior to 4.0.0 could allow an unauthenticated remote user to modify the 'product_item_path' within the 'config' JSON file, allowing. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Ap Pagebuilder
NVD
CVSS 4.0
8.7
EPSS
0.3%
CVE-2022-44897 MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in ApolloTheme AP PageBuilder component through 2.4.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Ap Pagebuilder
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.8%
CVE-2022-22897 CRITICAL POC THREAT Act Now

A SQL injection vulnerability in the product_all_one_img and image_product parameters of the ApolloTheme AP PageBuilder component through 2.4.4 for PrestaShop allows unauthenticated attackers to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Ap Pagebuilder
NVD
CVSS 3.1
9.8
EPSS
10.8%
EPSS 0% CVSS 8.7
HIGH This Week

Absolute Path Traversal vulnerability in AP Page Builder versions prior to 4.0.0 could allow an unauthenticated remote user to modify the 'product_item_path' within the 'config' JSON file, allowing. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Ap Pagebuilder
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in ApolloTheme AP PageBuilder component through 2.4.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Ap Pagebuilder
NVD GitHub VulDB
EPSS 11% CVSS 9.8
CRITICAL POC THREAT Act Now

A SQL injection vulnerability in the product_all_one_img and image_product parameters of the ApolloTheme AP PageBuilder component through 2.4.4 for PrestaShop allows unauthenticated attackers to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Ap Pagebuilder
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy