VYPR
Vendor

MyPrestaModules

Products
3
CVEs
5
Across products
5
Status
Private

Products

3

Recent CVEs

5
  • CVE-2023-39677Sep 20, 2023
    risk 0.06cvss epss 0.31

    MyPrestaModules Prestashop Module v6.2.9 and UpdateProducts Prestashop Module v3.6.9 were discovered to contain a PHPInfo information disclosure vulnerability via send.php.

  • CVE-2024-28396Mar 20, 2024
    risk 0.00cvss epss 0.01

    An issue in MyPrestaModules ordersexport v.6.0.2 and before allows a remote attacker to execute arbitrary code via the download.php component.

  • CVE-2024-25847Mar 3, 2024
    risk 0.00cvss epss 0.01

    SQL Injection vulnerability in MyPrestaModules "Product Catalog (CSV, Excel) Import" (simpleimportproduct) modules for PrestaShop versions 6.5.0 and before, allows attackers to escalate privileges and obtain sensitive information via Send::__construct() and…

  • CVE-2024-25846Feb 27, 2024
    risk 0.00cvss epss 0.01

    In the module "Product Catalog (CSV, Excel) Import" (simpleimportproduct) <= 6.7.0 from MyPrestaModules for PrestaShop, a guest can upload files with extensions .php.

  • CVE-2023-40923Nov 15, 2023
    risk 0.00cvss epss 0.01

    MyPrestaModules ordersexport before v5.0 was discovered to contain multiple SQL injection vulnerabilities at send.php via the key and save_setting parameters.