mPAY24 payment module
by Prestashop
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2014-2009 | 0.04 | — | 0.07 | Sep 12, 2014 | The mPAY24 payment module before 1.6 for PrestaShop allows remote attackers to obtain credentials, the installation path, and other sensitive information via a direct request to api/curllog.log. | |||
| CVE-2019-6016 | 0.00 | — | 0.01 | Dec 26, 2019 | Cross-site scripting vulnerability in REMISE Payment Module (2.11, 2.12 and 2.13) version 3.0.12 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||
| CVE-2019-6017 | 0.00 | — | 0.01 | Dec 26, 2019 | REMISE Payment Module (2.11, 2.12 and 2.13) version 3.0.12 and earlier allow remote attackers to [Disclosed_Information_type] via unspecified vectors. |
- CVE-2014-2009Sep 12, 2014risk 0.04cvss —epss 0.07
The mPAY24 payment module before 1.6 for PrestaShop allows remote attackers to obtain credentials, the installation path, and other sensitive information via a direct request to api/curllog.log.
- CVE-2019-6016Dec 26, 2019risk 0.00cvss —epss 0.01
Cross-site scripting vulnerability in REMISE Payment Module (2.11, 2.12 and 2.13) version 3.0.12 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
- CVE-2019-6017Dec 26, 2019risk 0.00cvss —epss 0.01
REMISE Payment Module (2.11, 2.12 and 2.13) version 3.0.12 and earlier allow remote attackers to [Disclosed_Information_type] via unspecified vectors.