VYPR

opartdevis

by Prestashop

CVEs (2)

  • CVE-2023-48188Nov 27, 2023
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in PrestaShop opartdevis v.4.5.18 thru v.4.6.12 allows a remote attacker to execute arbitrary code via a crafted script to the getModuleTranslation function.

  • CVE-2020-16194Feb 4, 2021
    risk 0.00cvss epss 0.01

    An Insecure Direct Object Reference (IDOR) vulnerability was found in Prestashop Opart devis < 4.0.2. Unauthenticated attackers can have access to any user's invoice and delivery address by exploiting an IDOR on the delivery_address and invoice_address fields.