exploitDog

CVE-2024-25848

Опубликовано: 08 мар. 2024

Источник: nvd

CVSS3: 5.9

EPSS Низкий

Описание

In the module "Ever Ultimate SEO" (everpsseo) <= 8.1.2 from Team Ever for PrestaShop, a guest can perform SQL injection in affected versions.

Ссылки

https://addons.prestashop.com/fr/seo-referencement-naturel/39489-ever-ultimate-seo.html
Product
https://security.friendsofpresta.org/modules/2024/03/05/everpsseo.html
Third Party Advisory
https://www.team-ever.com/prestashop-ever-ultimate-seo/
Product
https://addons.prestashop.com/fr/seo-referencement-naturel/39489-ever-ultimate-seo.html
Product
https://security.friendsofpresta.org/modules/2024/03/05/everpsseo.html
Third Party Advisory
https://www.team-ever.com/prestashop-ever-ultimate-seo/
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:team-ever:seo:*:*:*:*:*:prestashop:*:*

Версия до 8.1.2 (включая)

EPSS

Процентиль: 10%

0.00035

Низкий

5.9 Medium

CVSS3

Дефекты

CWE-89

Связанные уязвимости

GHSA-g34f-wc65-5684

CVSS3: 5.9

github

почти 2 года назад

In the module "Ever Ultimate SEO" (everpsseo) <= 8.1.2 from Team Ever for PrestaShop, a guest can perform SQL injection in affected versions.

EPSS

Процентиль: 10%

0.00035

Низкий

5.9 Medium

CVSS3

Дефекты

CWE-89