CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Hipresta: Security Vulnerabilities

CVE-2024-24303

SQL Injection vulnerability in HiPresta "Gift Wrapping Pro" (hiadvancedgiftwrapping) module for PrestaShop before version 1.4.1, allows remote attackers to escalate privileges and obtain sensitive information via the HiAdvancedGiftWrappingGiftWrappingModuleFrontController::addGiftWrappingCartValue() method.

CVSS Score

9.8

EPSS Score

0.003

Published

2024-02-07

CVE-2023-45376

In the module "Carousels Pack - Instagram, Products, Brands, Supplier" (hicarouselspack) for PrestaShop up to version 1.5.0 from HiPresta for PrestaShop, a guest can perform SQL injection via HiCpProductGetter::getViewedProduct().`

CVSS Score

9.8

EPSS Score

0.001

Published

2023-10-19

Page 1

Vulnerabilities

Vulnerable Software

Hipresta: Security Vulnerabilities

Products

Pricing

Contact Us