VYPR
Vendor

kerawen

Products
2
CVEs
2
Across products
2
Status
Private

Products

2

Recent CVEs

2
  • CVE-2023-40922CriNov 4, 2023
    risk 0.64cvss 9.8epss 0.01

    kerawen before v2.5.1 was discovered to contain a SQL injection vulnerability via the ocs_id_cart parameter at KerawenDeliveryModuleFrontController::initContent().

  • CVE-2023-27845CriJul 7, 2023
    risk 0.64cvss 9.8epss 0.01

    SQL injection vulnerability found in PrestaShop lekerawen_ocs before v.1.4.1 allow a remote attacker to gain privileges via the KerawenHelper::setCartOperationInfo, and KerawenHelper::resetCheckoutSessionData components.