VYPR
Vendor

Active Design

Products
3
CVEs
2
Across products
2
Status
Private

Products

3

Recent CVEs

2
  • CVE-2023-47308CriNov 15, 2023
    risk 0.64cvss 9.8epss 0.01

    In the module "Newsletter Popup PRO with Voucher/Coupon code" (newsletterpop) before version 2.6.1 from Active Design for PrestaShop, a guest can perform SQL injection in affected versions. The method `NewsletterpopsendVerificationModuleFrontController::checkEmailSubscription()`…

  • CVE-2023-39641CriSep 15, 2023
    risk 0.64cvss 9.8epss 0.01

    Active Design psaffiliate before v1.9.8 was discovered to contain a SQL injection vulnerability via the component PsaffiliateGetaffiliatesdetailsModuleFrontController::initContent().