Aggregates CVE and security vulnerability intelligence across all MyPresta-related products, including CVSS scores, EPSS percentages, and publication and update dates.
Disclosed issues often relate to SQL injection; the impact may include data exposure in software deployments and production workloads.

| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-46351 | In the module mib < 1.6.1 from MyPresta.eu for PrestaShop, a guest can perform SQL injection. The method `mib::getManufacturersByCategory()` has sensitive SQL calls that can be executed with a trivial HTTP call and exploited to forge a SQL injection. | [email protected] | 9.8 | 0.14% | 2024-01-19 | 2025-06-20 |
| CVE-2023-46353 | In the module "Product Tag Icons Pro" (ticons) before 1.8.4 from MyPresta.eu for PrestaShop, a guest can perform SQL injection. The method `TiconProduct::getTiconByProductAndTicon()` has sensitive SQL calls that can be executed with a trivial HTTP call and exploited to forge a SQL injection. | [email protected] | 9.8 | 0.07% | 2023-12-06 | 2024-11-21 |
| CVE-2023-45386 | In the module extratabspro before version 2.2.8 from MyPresta.eu for PrestaShop, a guest can perform SQL injection via `extratabspro::searchcategory()`, `extratabspro::searchproduct()` and `extratabspro::searchmanufacturer()`. | [email protected] | 9.8 | 0.23% | 2023-10-17 | 2024-11-21 |
| CVE-2021-40814 | The Customer Photo Gallery addon before 2.9.4 for PrestaShop is vulnerable to SQL injection. | [email protected] | 9.8 | 0.26% | 2021-09-08 | 2024-11-21 |
| CVE-2018-19355 | `modules/orderfiles/ajax/upload.php` in the Customer Files Upload addon 2018-08-01 for PrestaShop (1.5 through 1.7) allows remote attackers to execute arbitrary code by uploading a PHP file via `modules/orderfiles/upload.php` with `auptype` equal to product (for upload destinations under `modules/productfiles`), order (for upload destinations under `modules/files`), or cart (for upload destinations under `modules/cartfiles`). | [email protected] | 9.8 | 10.53% | 2018-11-19 | 2024-11-21 |