CVEDB API

Vulnerabilities

Vulnerable Software

Myprestamodules: >> Product Catalog (Csv, Excel) Import Security Vulnerabilities

CVE-2024-25847

SQL Injection vulnerability in MyPrestaModules "Product Catalog (CSV, Excel) Import" (simpleimportproduct) modules for PrestaShop versions 6.5.0 and before, allows attackers to escalate privileges and obtain sensitive information via Send::__construct() and importProducts::_addDataToDb methods.

CVSS Score

9.8

EPSS Score

0.001

Published

2024-03-03

CVE-2024-25846

In the module "Product Catalog (CSV, Excel) Import" (simpleimportproduct) <= 6.7.0 from MyPrestaModules for PrestaShop, a guest can upload files with extensions .php.

CVSS Score

9.1

EPSS Score

0.002

Published

2024-02-27

CVE-2023-39675

SimpleImportProduct Prestashop Module v6.2.9 was discovered to contain a SQL injection vulnerability via the key parameter at send.php.

CVSS Score

9.8

EPSS Score

0.002

Published

2023-09-20

CVE-2023-39677

MyPrestaModules Prestashop Module v6.2.9 and UpdateProducts Prestashop Module v3.6.9 were discovered to contain a PHPInfo information disclosure vulnerability via send.php.

CVSS Score

7.5

EPSS Score

0.772

Published

2023-09-20

Page 1

Vulnerabilities

Vulnerable Software

Myprestamodules: >> Product Catalog (Csv, Excel) Import Security Vulnerabilities

Products

Pricing

Contact Us