Skip to main content

Updateproducts

2 CVEs product

Monthly

CVE-2023-46349 CRITICAL PATCH Act Now

In the module "Product Catalog (CSV, Excel) Export/Update" (updateproducts) < 3.8.5 from MyPrestaModules for PrestaShop, a guest can perform SQL injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

SQLi Updateproducts
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-39677 HIGH POC THREAT This Week

MyPrestaModules Prestashop Module v6.2.9 and UpdateProducts Prestashop Module v3.6.9 were discovered to contain a PHPInfo information disclosure vulnerability via send.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PHP Product Catalog Csv Excel Import Updateproducts
NVD
CVSS 3.1
7.5
EPSS
30.8%
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

In the module "Product Catalog (CSV, Excel) Export/Update" (updateproducts) < 3.8.5 from MyPrestaModules for PrestaShop, a guest can perform SQL injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

SQLi Updateproducts
NVD
EPSS 31% CVSS 7.5
HIGH POC THREAT This Week

MyPrestaModules Prestashop Module v6.2.9 and UpdateProducts Prestashop Module v3.6.9 were discovered to contain a PHPInfo information disclosure vulnerability via send.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PHP Product Catalog Csv Excel Import +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy