exploitDog

CVE-2023-33777

Опубликовано: 25 июл. 2023

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

An issue in /functions/fbaorder.php of Prestashop amazon before v5.2.24 allows attackers to execute a directory traversal attack.

Ссылки

https://addons.prestashop.com/fr/marketplace/2501-amazon-market-place.html
Vendor Advisory
https://security.friendsofpresta.org/modules/2023/07/13/amazon.html?_sm_pdc=1&_sm_rid=8j3vvHn3kPrR9r7QVvHpFPR9WHVDpvvHP9PLPMj
Third Party Advisory
https://addons.prestashop.com/fr/marketplace/2501-amazon-market-place.html
Vendor Advisory
https://security.friendsofpresta.org/modules/2023/07/13/amazon.html?_sm_pdc=1&_sm_rid=8j3vvHn3kPrR9r7QVvHpFPR9WHVDpvvHP9PLPMj
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:prestashop:amazon:*:*:*:*:*:*:*:*

Версия до 5.2.24 (исключая)

EPSS

Процентиль: 66%

0.00523

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-22

Связанные уязвимости

GHSA-p4wp-gm4w-ppvc

CVSS3: 5.3

github

больше 2 лет назад

An issue in /functions/fbaorder.php of Prestashop amazon before v5.2.24 allows attackers to execute a directory traversal attack.

EPSS

Процентиль: 66%

0.00523

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-22