Skip to main content

Orders Csv Excel Export Pro

3 CVEs product

Monthly

CVE-2024-28396 HIGH This Week

An issue in MyPrestaModules ordersexport v.6.0.2 and before allows a remote attacker to execute arbitrary code via the download.php component. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection PHP RCE Orders Csv Excel Export Pro
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2023-46354 HIGH This Week

In the module "Orders (CSV, Excel) Export PRO" (ordersexport) < 5.2.0 from MyPrestaModules for PrestaShop, a guest can download personal information without restriction. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Orders Csv Excel Export Pro
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-40923 HIGH PATCH This Week

MyPrestaModules ordersexport before v5.0 was discovered to contain multiple SQL injection vulnerabilities at send.php via the key and save_setting parameters. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

PHP SQLi Orders Csv Excel Export Pro
NVD
CVSS 3.1
8.8
EPSS
0.7%
EPSS 1% CVSS 7.5
HIGH This Week

An issue in MyPrestaModules ordersexport v.6.0.2 and before allows a remote attacker to execute arbitrary code via the download.php component. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection PHP RCE +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

In the module "Orders (CSV, Excel) Export PRO" (ordersexport) < 5.2.0 from MyPrestaModules for PrestaShop, a guest can download personal information without restriction. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Orders Csv Excel Export Pro
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

MyPrestaModules ordersexport before v5.0 was discovered to contain multiple SQL injection vulnerabilities at send.php via the key and save_setting parameters. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

PHP SQLi Orders Csv Excel Export Pro
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy