exploitDog

GHSA-7hhj-p5v7-qchh

Опубликовано: 03 мар. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

Path Traversal vulnerability in Tunis Soft "Product Designer" (productdesigner) module for PrestaShop before version 1.178.36, allows a remote attacker to escalate privileges and obtain sensitive information via the ajaxProcessCropImage() method.

Path Traversal vulnerability in Tunis Soft "Product Designer" (productdesigner) module for PrestaShop before version 1.178.36, allows a remote attacker to escalate privileges and obtain sensitive information via the ajaxProcessCropImage() method.

Ссылки

EPSS

Процентиль: 23%

0.00076

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2024-24307

CVSS3: 7.5

nvd

почти 2 года назад

Path Traversal vulnerability in Tunis Soft "Product Designer" (productdesigner) module for PrestaShop before version 1.178.36, allows a remote attacker to escalate privileges and obtain sensitive information via the ajaxProcessCropImage() method.

EPSS

Процентиль: 23%

0.00076

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-22