Unrated severityNVD Advisory· Published Oct 18, 2023· Updated Sep 13, 2024
CVE-2023-45383
CVE-2023-45383
Description
In the module "SoNice etiquetage" (sonice_etiquetage) up to version 2.5.9 from Common-Services for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. Due to a lack of permissions control and a lack of control in the path name construction, a guest can perform a path traversal to view all files on the information system.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Common-Services/SoNice etiquetagedescription
- Range: <=2.5.9
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.