JA Marketplace

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2024-33836	JA Module JA Marketplace	Cri	0.64	9.8	0.00		Jun 19, 2024	In the module "JA Marketplace" (jamarketplace) up to version 9.0.1 from JA Module for PrestaShop, a guest can upload files with extensions .php. In version 6.X, the method `JmarketplaceproductModuleFrontController::init()` and in version 8.X, the method…
CVE-2010-0374	Codingfish Com Marketplace		0.03	—	0.02		Jan 21, 2010	Cross-site scripting (XSS) vulnerability in the Marketplace (com_marketplace) component 1.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the catid parameter in a show_category action to index.php.

CVE-2024-33836CriJun 19, 2024
JA Module
JA Marketplace
risk 0.64cvss 9.8epss 0.00
In the module "JA Marketplace" (jamarketplace) up to version 9.0.1 from JA Module for PrestaShop, a guest can upload files with extensions .php. In version 6.X, the method `JmarketplaceproductModuleFrontController::init()` and in version 8.X, the method…
CVE-2010-0374Jan 21, 2010
Codingfish
Com Marketplace
risk 0.03cvss —epss 0.02
Cross-site scripting (XSS) vulnerability in the Marketplace (com_marketplace) component 1.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the catid parameter in a show_category action to index.php.