mypresta CVE 脆弱性と CVE 一覧(5)

製品(CPE): — CVE 件数: 5

mypresta 脆弱性概要

mypresta 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。

公開された問題は vendor risk sql injection に関連することが多く、vendor surface software deployment and vendor surface production workloads の文脈で vendor impact data exposure などの暴露リスクを伴う場合があります。

掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。

脆弱性分布の推移(直近24か月)

表示中 15 / 5 CVE 件数
«« 先頭 « 前へ 1 / 1 次へ »
CVE 概要 ソース CVSS 最大値 EPSS(%) 公開 更新
CVE-2023-46351 In the module mib < 1.6.1 from MyPresta.eu for PrestaShop, a guest can perform SQL injection. The methods `mib::getManufacturersByCategory()` has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection. [email protected] 9.8 0.52% 2024-01-19 2026-06-17
CVE-2023-46353 In the module "Product Tag Icons Pro" (ticons) before 1.8.4 from MyPresta.eu for PrestaShop, a guest can perform SQL injection. The method TiconProduct::getTiconByProductAndTicon() has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection. [email protected] 9.8 0.77% 2023-12-06 2026-06-17
CVE-2023-45386 In the module extratabspro before version 2.2.8 from MyPresta.eu for PrestaShop, a guest can perform SQL injection via `extratabspro::searchcategory()`, `extratabspro::searchproduct()` and `extratabspro::searchmanufacturer().' [email protected] 9.8 0.64% 2023-10-17 2026-06-17
CVE-2021-40814 The Customer Photo Gallery addon before 2.9.4 for PrestaShop is vulnerable to SQL injection. [email protected] 9.8 1.07% 2021-09-08 2026-06-17
CVE-2018-19355 modules/orderfiles/ajax/upload.php in the Customer Files Upload addon 2018-08-01 for PrestaShop (1.5 through 1.7) allows remote attackers to execute arbitrary code by uploading a php file via modules/orderfiles/upload.php with auptype equal to product (for upload destinations under modules/productfiles), order (for upload destinations under modules/files), or cart (for upload destinations under modules/cartfiles). [email protected] 9.8 3.50% 2018-11-18 2026-06-16
«« 先頭 « 前へ 1 / 1 次へ »
cvelogic Threat Intelligence