Aggregates CVE and security vulnerability intelligence across all store-opart-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk sql injection and related problems; some flaws may lead to vendor impact data exposure, affecting vendor surface production workloads scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-50061 | PrestaShop Op'art Easy Redirect >= 1.3.8 and <= 1.3.12 is vulnerable to SQL Injection via Oparteasyredirect::hookActionDispatcher(). | [email protected] | 9.8 | 0.09% | 2024-02-08 | 2024-11-21 |
| CVE-2023-48188 | SQL injection vulnerability in PrestaShop opartdevis v.4.5.18 thru v.4.6.12 allows a remote attacker to execute arbitrary code via a crafted script to the getModuleTranslation function. | [email protected] | 9.8 | 0.69% | 2023-11-27 | 2024-11-21 |
| CVE-2020-16194 | An Insecure Direct Object Reference (IDOR) vulnerability was found in Prestashop Opart devis < 4.0.2. Unauthenticated attackers can have access to any user's invoice and delivery address by exploiting an IDOR on the delivery_address and invoice_address fields. | [email protected] | 5.3 | 0.84% | 2021-02-04 | 2026-01-27 |