Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
prestashop prestashop vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-31671
PrestaShop postfinance <= 17.1.13 is vulnerable to SQL Injection via PostfinanceValidationModuleFrontController::postProcess().
Webbax Postfinance
9.8
CVSSv3
CVE-2023-29632
PrestaShop jmspagebuilder 3.x is vulnerable to SQL Injection via ajax_jmspagebuilder.php.
Joommasters Jmspagebuilder -
9.8
CVSSv3
CVE-2023-29629
PrestaShop jmsthemelayout 2.5.5 is vulnerable to SQL Injection via ajax_jmsvermegamenu.php.
Jmsthemelayout Project Jmsthemelayout 2.5.5
9.8
CVSSv3
CVE-2023-29630
PrestaShop jmsmegamenu 1.1.x and 2.0.x is vulnerable to SQL Injection via ajax_jmsmegamenu.php.
Joommasters Jms Drop Mega Menu 1.0.0
Joommasters Jms Drop Mega Menu 2.0.0
9.8
CVSSv3
CVE-2023-29631
PrestaShop jmsslider 1.6.0 is vulnerable to Incorrect Access Control via ajax_jmsslider.php.
Joommasters Jms Slider 1.6.0
9.8
CVSSv3
CVE-2023-30149
SQL injection vulnerability in the City Autocomplete (cityautocomplete) module from ebewe.net for PrestaShop, prior to version 1.8.12 (for PrestaShop version 1.5/1.6) or before 2.0.3 (for PrestaShop version 1.7), allows remote malicious users to execute arbitrary SQL commands via...
Ebewe City Autocomplete
9.8
CVSSv3
CVE-2023-33278
In the Store Commander scexportcustomers module for PrestaShop up to and including 3.6.1, sensitive SQL calls can be executed with a trivial HTTP request and exploited to forge a blind SQL injection.
Storecommander Customers Export
9.8
CVSSv3
CVE-2023-33279
In the Store Commander scfixmyprestashop module through 2023-05-09 for PrestaShop, sensitive SQL calls can be executed with a trivial HTTP request and exploited to forge a blind SQL injection.
Scfixmyprestashop Project Scfixmyprestashop
9.8
CVSSv3
CVE-2023-33280
In the Store Commander scquickaccounting module for PrestaShop up to and including 3.7.3, multiple sensitive SQL calls can be executed with a trivial HTTP request and exploited to forge a blind SQL injection.
Storecommander Quickaccounting
9.8
CVSSv3
CVE-2023-30191
PrestaShop cdesigner < 3.1.9 is vulnerable to SQL Injection via CdesignerTraitementModuleFrontController::initContent().
Cdesigner Project Cdesigner
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-6280
CVE-2024-5346
CVE-2024-30078
CVE-2022-45803
CVE-2024-36886
SQL
CVE-2024-24553
IMAP
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »