VYPR

AP PageBuilder

by ApolloTheme

CVEs (2)

  • CVE-2022-22897CriAug 29, 2022
    risk 0.65cvss 9.8epss 0.11

    A SQL injection vulnerability in the product_all_one_img and image_product parameters of the ApolloTheme AP PageBuilder component through 2.4.4 for PrestaShop allows unauthenticated attackers to exfiltrate database data.

  • CVE-2022-44897MedJan 31, 2023
    risk 0.40cvss 6.1epss 0.01

    A cross-site scripting (XSS) vulnerability in ApolloTheme AP PageBuilder component through 2.4.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the show_number parameter.