Prestashop: >> Prestashop >> 1.7.6.8 Security Vulnerabilities
PrestaShop is a fully scalable open source e-commerce solution. In PrestaShop before version 1.7.2 there is a CSV Injection vulnerability possible by using shop search keywords via the admin panel. The problem is fixed in 1.7.7.2
CVSS Score
6.8
EPSS Score
0.005
Published
2021-02-26
PrestaShop is a fully scalable open source e-commerce solution. In PrestaShop before version 1.7.2 the soft logout system is not complete and an attacker is able to foreign request and executes customer commands. The problem is fixed in 1.7.7.2
CVSS Score
6.1
EPSS Score
0.004
Published
2021-02-26
In PrestaShop before version 1.7.6.9 an attacker is able to list all the orders placed on the website without being logged by abusing the function that allows a shopping cart to be recreated from an order already placed. The problem is fixed in 1.7.6.9.
CVSS Score
7.5
EPSS Score
0.009
Published
2020-11-16
Page 3