Описание
Incorrect Access Control in the module "My inventory" (myinventory) <= 1.6.6 from Webbax for PrestaShop, allows a guest to download personal information without restriction by performing a path traversal attack.
Ссылки
- Third Party Advisory
- Product
- Third Party Advisory
- Product
Уязвимые конфигурации
Конфигурация 1Версия до 1.6.7 (исключая)
cpe:2.3:a:webbax:myinventory:*:*:*:*:*:prestashop:*:*
EPSS
Процентиль: 29%
0.00105
Низкий
7.5 High
CVSS3
Дефекты
CWE-22
CWE-22
Связанные уязвимости
CVSS3: 7.5
github
больше 2 лет назад
Incorrect Access Control in the module "My inventory" (myinventory) <= 1.6.6 from Webbax for PrestaShop, allows a guest to download personal information without restriction by performing a path traversal attack.
EPSS
Процентиль: 29%
0.00105
Низкий
7.5 High
CVSS3
Дефекты
CWE-22
CWE-22