exploitDog

GHSA-9jmq-68m9-2x2j

Опубликовано: 27 фев. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

In the module "Account Manager | Sales Representative & Dealers | CRM" (prestasalesmanager) up to 9.0 from Presta World for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack.

In the module "Account Manager | Sales Representative & Dealers | CRM" (prestasalesmanager) up to 9.0 from Presta World for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack.

Ссылки

EPSS

Процентиль: 63%

0.00438

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-31

Связанные уязвимости

CVE-2024-25840

CVSS3: 7.5

nvd

почти 2 года назад

In the module "Account Manager | Sales Representative & Dealers | CRM" (prestasalesmanager) up to 9.0 from Presta World for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack.

EPSS

Процентиль: 63%

0.00438

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-31