VYPR
Vendor

202ecommerce

Products
3
CVEs
3
Across products
3
Status
Private

Products

3

Recent CVEs

3
  • CVE-2024-41670HigJul 26, 2024
    risk 0.42cvss 7.5epss 0.00

    In the module "PayPal Official" for PrestaShop 7+ releases prior to version 6.4.2 and for PrestaShop 1.6 releases prior to version 3.18.1, a malicious customer can confirm an order even if payment is finally declined by PayPal. A logical weakness during the capture of a payment…

  • CVE-2023-48926MedJan 16, 2024
    risk 0.34cvss 5.3epss 0.00

    An issue in 202 ecommerce Advanced Loyalty Program: Loyalty Points before v2.3.4 for PrestaShop allows unauthenticated attackers to arbitrarily change an order status.

  • CVE-2023-28843CriMar 31, 2023
    risk 0.00cvss 9.8epss 0.01

    PrestaShop/paypal is an open source module for the PrestaShop web commerce ecosystem which provides paypal payment support. A SQL injection vulnerability found in the PrestaShop paypal module from release from 3.12.0 to and including 3.16.3 allow a remote attacker to gain…