Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
prestashop prestashop vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-39646
Improper neutralization of SQL parameter in Theme Volty CMS Category Chain Slider module for PrestaShop. In the module “Theme Volty CMS Category Chain Slide"(tvcmscategorychainslider) up to version 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injectio...
Themevolty Theme Volty Cms Category Chain Slider
9.8
CVSSv3
CVE-2023-39648
Improper neutralization of SQL parameter in Theme Volty CMS Testimonial module for PrestaShop. In the module “Theme Volty CMS Testimonial” (tvcmstestimonial) up to version 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions.
Themevolty Theme Volty Cms Testimonial
9.8
CVSSv3
CVE-2023-39649
Improper neutralization of SQL parameter in Theme Volty CMS Category Slider module for PrestaShop. In the module “Theme Volty CMS Category Slider” (tvcmscategoryslider) up to version 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected ...
Themevolty Theme Volty Cms Category Slider
9.8
CVSSv3
CVE-2023-39651
Improper neutralization of SQL parameter in Theme Volty CMS BrandList module for PrestaShop In the module “Theme Volty CMS BrandList” (tvcmsbrandlist) up to version 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions.
Themevolty Theme Volty Cms Brandlist
9.8
CVSSv3
CVE-2023-39645
Improper neutralization of SQL parameter in Theme Volty CMS Payment Icon module for PrestaShop. In the module “Theme Volty CMS Payment Icon” (tvcmspaymenticon) up to version 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions.
Themevolty Cms Payment Icon
9.8
CVSSv3
CVE-2023-34576
SQL injection vulnerability in updatepos.php in PrestaShop opartfaq up to and including 1.0.3 allows remote malicious users to run arbitrary SQL commands via unspedified vector.
Opartfaq Project Opartfaq
9.8
CVSSv3
CVE-2023-34577
SQL injection vulnerability in Prestashop opartplannedpopup 1.4.11 and previous versions allows remote malicious users to run arbitrary SQL commands via OpartPlannedPopupModuleFrontController::prepareHook() method.
Planned Popup Project Planned Popup
9.8
CVSSv3
CVE-2023-39675
SimpleImportProduct Prestashop Module v6.2.9 exists to contain a SQL injection vulnerability via the key parameter at send.php.
Simpleimportproduct Project Simpleimportproduct 6.2.9
9.8
CVSSv3
CVE-2023-34575
SQL injection vulnerability in PrestaShop opartsavecart up to and including 2.0.7 allows remote malicious users to run arbitrary SQL commands via OpartSaveCartDefaultModuleFrontController::initContent() and OpartSaveCartDefaultModuleFrontController::displayAjaxSendCartByEmail() m...
Op'art Save Cart Project Op'art Save Cart
9.8
CVSSv3
CVE-2023-33663
In the module “Customization fields fee for your store” (aicustomfee) from ai-dev module for PrestaShop, an attacker can perform SQL injection up to 0.2.0. Release 0.2.1 fixed this security issue.
Ai-dev Aicustomfee
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »