VYPR

SimpleImportProduct

by Prestashop

CVEs (2)

  • CVE-2023-39675CriSep 20, 2023
    risk 0.64cvss 9.8epss 0.01

    SimpleImportProduct Prestashop Module v6.2.9 was discovered to contain a SQL injection vulnerability via the key parameter at send.php.

  • CVE-2024-25846CriFeb 27, 2024
    risk 0.59cvss 9.1epss 0.01

    In the module "Product Catalog (CSV, Excel) Import" (simpleimportproduct) <= 6.7.0 from MyPrestaModules for PrestaShop, a guest can upload files with extensions .php.