Hipresta CVE - OpenCVE

Filtered by vendor Hipresta Subscribe

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2024-24303	1 Hipresta	1 Gift Wrapping Pro	2024-11-21	N/A	9.8 CRITICAL
SQL Injection vulnerability in HiPresta "Gift Wrapping Pro" (hiadvancedgiftwrapping) module for PrestaShop before version 1.4.1, allows remote attackers to escalate privileges and obtain sensitive information via the HiAdvancedGiftWrappingGiftWrappingModuleFrontController::addGiftWrappingCartValue() method.
CVE-2023-45376	1 Hipresta	1 Carousels Pack	2024-11-21	N/A	9.8 CRITICAL
In the module "Carousels Pack - Instagram, Products, Brands, Supplier" (hicarouselspack) for PrestaShop up to version 1.5.0 from HiPresta for PrestaShop, a guest can perform SQL injection via HiCpProductGetter::getViewedProduct().`

Vulnerabilities (CVE)