VYPR
Unrated severityNVD Advisory· Published Jul 2, 2020· Updated Aug 4, 2024

Information exposure in the upload directory in PrestaShop

CVE-2020-15081

Description

In PrestaShop from version 1.5.0.0 and before 1.7.6.6, there is information exposure in the upload directory. The problem is fixed in version 1.7.6.6. A possible workaround is to add an empty index.php file in the upload directory.

Affected products

2
  • Prestashop/Prestashopllm-fuzzy2 versions
    >=1.5.0.0, <1.7.6.6+ 1 more
    • (no CPE)range: >=1.5.0.0, <1.7.6.6
    • (no CPE)range: >= 1.5.0.0, < 1.7.6.6

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.