Prestashop: >> Prestashop Security Vulnerabilities
PrestaShop 1.4.0.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by product-sort.php and certain other files.
CVSS Score
5.0
EPSS Score
0.003
Published
2011-09-24
Multiple cross-site scripting (XSS) vulnerabilities in PrestaShop 1.1.0.3 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) admin/login.php and (2) order.php.
CVSS Score
4.3
EPSS Score
0.007
Published
2009-03-20
Multiple unspecified vulnerabilities in PrestaShop e-Commerce Solution before 1.1 Beta 2 (aka 1.1.0.1) have unknown impact and attack vectors, related to the (1) bankwire module, (2) cheque module, and other components.
CVSS Score
10.0
EPSS Score
0.004
Published
2008-12-31
Page 10