SimpleImportProduct
by Prestashop
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-39675 | Cri | 0.64 | 9.8 | 0.01 | Sep 20, 2023 | SimpleImportProduct Prestashop Module v6.2.9 was discovered to contain a SQL injection vulnerability via the key parameter at send.php. | ||
| CVE-2024-25846 | Cri | 0.59 | 9.1 | 0.01 | Feb 27, 2024 | In the module "Product Catalog (CSV, Excel) Import" (simpleimportproduct) <= 6.7.0 from MyPrestaModules for PrestaShop, a guest can upload files with extensions .php. |
- risk 0.64cvss 9.8epss 0.01
SimpleImportProduct Prestashop Module v6.2.9 was discovered to contain a SQL injection vulnerability via the key parameter at send.php.
- risk 0.59cvss 9.1epss 0.01
In the module "Product Catalog (CSV, Excel) Import" (simpleimportproduct) <= 6.7.0 from MyPrestaModules for PrestaShop, a guest can upload files with extensions .php.