VYPR

simpleimportproduct

by MyPrestaModules

CVEs (2)

  • CVE-2024-25847Mar 3, 2024
    risk 0.00cvss epss 0.01

    SQL Injection vulnerability in MyPrestaModules "Product Catalog (CSV, Excel) Import" (simpleimportproduct) modules for PrestaShop versions 6.5.0 and before, allows attackers to escalate privileges and obtain sensitive information via Send::__construct() and…

  • CVE-2024-25846Feb 27, 2024
    risk 0.00cvss epss 0.01

    In the module "Product Catalog (CSV, Excel) Import" (simpleimportproduct) <= 6.7.0 from MyPrestaModules for PrestaShop, a guest can upload files with extensions .php.