webbax CVE 脆弱性と CVE 一覧（7）

製品（CPE）: — CVE 件数: 7

webbax 脆弱性概要

webbax 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。

過去の問題は主にパス処理の欠陥 and vendor risk sql injection などに関し、一部はファイル上書きを招き、vendor surface software deployment and vendor surface production workloads 関連の場面に影響します。

掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。

脆弱性分布の推移（直近24か月）

CVE	概要	ソース	CVSS 最大値	EPSS（%）	公開	更新
CVE-2024-25839	An issue was discovered in Webbax "Super Newsletter" (supernewsletter) module for PrestaShop versions 1.4.21 and before, allows local attackers to escalate privileges and obtain sensitive information.	[email protected]	7.5	0.45%	2024-03-03	2025-05-15
CVE-2023-31671	PrestaShop postfinance <= 17.1.13 is vulnerable to SQL Injection via PostfinanceValidationModuleFrontController::postProcess().	[email protected]	9.8	0.62%	2023-06-14	2025-01-06
CVE-2023-30198	Prestashop winbizpayment <= 1.0.2 is vulnerable to Incorrect Access Control via modules/winbizpayment/downloads/download.php.	[email protected]	7.5	5.52%	2023-06-12	2025-01-06
CVE-2023-3031	Improper Limitation of a Pathname leads to a Path Traversal vulnerability in the module King-Avis for Prestashop, allowing a user knowing the download token to read arbitrary local files.This issue affects King-Avis: before 17.3.15.	[email protected]	4.9	0.79%	2023-06-02	2024-11-21
CVE-2023-30197	Incorrect Access Control in the module "My inventory" (myinventory) <= 1.6.6 from Webbax for PrestaShop, allows a guest to download personal information without restriction by performing a path traversal attack.	[email protected]	7.5	0.70%	2023-05-31	2025-01-09
CVE-2023-30196	Prestashop salesbooster <= 1.10.4 is vulnerable to Incorrect Access Control via modules/salesbooster/downloads/download.php.	[email protected]	7.5	0.50%	2023-05-30	2025-01-13
CVE-2023-30199	Prestashop customexporter <= 1.7.20 is vulnerable to Incorrect Access Control via modules/customexporter/downloads/download.php.	[email protected]	7.5	0.70%	2023-05-19	2025-01-21

cvelogic Threat Intelligence