Skip to main content

Product Catalog Csv Excel Import

4 CVEs product

Monthly

CVE-2024-25847 CRITICAL Act Now

SQL Injection vulnerability in MyPrestaModules "Product Catalog (CSV, Excel) Import" (simpleimportproduct) modules for PrestaShop versions 6.5.0 and before, allows attackers to escalate privileges. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation SQLi Product Catalog Csv Excel Import
NVD GitHub
CVSS 3.1
9.8
EPSS
0.5%
CVE-2024-25846 CRITICAL POC Act Now

In the module "Product Catalog (CSV, Excel) Import" (simpleimportproduct) <= 6.7.0 from MyPrestaModules for PrestaShop, a guest can upload files with extensions .php. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload Product Catalog Csv Excel Import
NVD
CVSS 3.1
9.1
EPSS
0.8%
CVE-2023-39675 CRITICAL POC Act Now

SimpleImportProduct Prestashop Module v6.2.9 was discovered to contain a SQL injection vulnerability via the key parameter at send.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Product Catalog Csv Excel Import
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-39677 HIGH POC THREAT This Week

MyPrestaModules Prestashop Module v6.2.9 and UpdateProducts Prestashop Module v3.6.9 were discovered to contain a PHPInfo information disclosure vulnerability via send.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PHP Product Catalog Csv Excel Import Updateproducts
NVD
CVSS 3.1
7.5
EPSS
30.8%
EPSS 1% CVSS 9.8
CRITICAL Act Now

SQL Injection vulnerability in MyPrestaModules "Product Catalog (CSV, Excel) Import" (simpleimportproduct) modules for PrestaShop versions 6.5.0 and before, allows attackers to escalate privileges. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation SQLi Product Catalog Csv Excel Import
NVD GitHub
EPSS 1% CVSS 9.1
CRITICAL POC Act Now

In the module "Product Catalog (CSV, Excel) Import" (simpleimportproduct) <= 6.7.0 from MyPrestaModules for PrestaShop, a guest can upload files with extensions .php. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload Product Catalog Csv Excel Import
NVD
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

SimpleImportProduct Prestashop Module v6.2.9 was discovered to contain a SQL injection vulnerability via the key parameter at send.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Product Catalog Csv Excel Import
NVD
EPSS 31% CVSS 7.5
HIGH POC THREAT This Week

MyPrestaModules Prestashop Module v6.2.9 and UpdateProducts Prestashop Module v3.6.9 were discovered to contain a PHPInfo information disclosure vulnerability via send.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PHP Product Catalog Csv Excel Import +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy