Unrated severityNVD Advisory· Published Sep 20, 2023· Updated Sep 6, 2024
Path Traversal in M4 PDF plugin for Prestashop sites
CVE-2022-45447
Description
M4 PDF plugin for Prestashop sites, in its 3.2.3 version and before, is vulnerable to a directory traversal vulnerability. The “f” parameter is not properly checked in the resource /m4pdf/pdf.php, returning any file given its relative path. An attacker that exploits this vulnerability could download /etc/passwd from the server if the file exists.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <= 3.2.3
- Prestashop/M4 PDF pluginv5Range: 0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.