Store-Opart: >> Op'art Devis Security Vulnerabilities
SQL injection vulnerability in PrestaShop opartdevis v.4.5.18 thru v.4.6.12 allows a remote attacker to execute arbitrary code via a crafted script to the getModuleTranslation function.
CVSS Score
9.8
EPSS Score
0.007
Published
2023-11-27
An Insecure Direct Object Reference (IDOR) vulnerability was found in Prestashop Opart devis < 4.0.2. Unauthenticated attackers can have access to any user's invoice and delivery address by exploiting an IDOR on the delivery_address and invoice_address fields.
CVSS Score
5.3
EPSS Score
0.008
Published
2021-02-04