exploitDog

GHSA-q66p-984j-xrmv

Опубликовано: 03 мар. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

SQL Injection vulnerability in MyPrestaModules "Product Catalog (CSV, Excel) Import" (simpleimportproduct) modules for PrestaShop versions 6.5.0 and before, allows attackers to escalate privileges and obtain sensitive information via Send::__construct() and importProducts::_addDataToDb methods.

SQL Injection vulnerability in MyPrestaModules "Product Catalog (CSV, Excel) Import" (simpleimportproduct) modules for PrestaShop versions 6.5.0 and before, allows attackers to escalate privileges and obtain sensitive information via Send::__construct() and importProducts::_addDataToDb methods.

Ссылки

EPSS

Процентиль: 17%

0.00054

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-269

Связанные уязвимости

CVE-2024-25847

CVSS3: 9.8

nvd

почти 2 года назад

SQL Injection vulnerability in MyPrestaModules "Product Catalog (CSV, Excel) Import" (simpleimportproduct) modules for PrestaShop versions 6.5.0 and before, allows attackers to escalate privileges and obtain sensitive information via Send::__construct() and importProducts::_addDataToDb methods.

EPSS

Процентиль: 17%

0.00054

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-269