Filtered by vendor Simpleimportproduct Project
Subscribe
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-25846 | 1 Simpleimportproduct Project | 1 Simpleimportproduct | 2025-04-30 | N/A | 9.1 CRITICAL |
| In the module "Product Catalog (CSV, Excel) Import" (simpleimportproduct) <= 6.7.0 from MyPrestaModules for PrestaShop, a guest can upload files with extensions .php. | |||||
| CVE-2023-39677 | 2 Simpleimportproduct Project, Updateproducts Project | 2 Simpleimportproduct, Updateproducts | 2024-11-21 | N/A | 7.5 HIGH |
| MyPrestaModules Prestashop Module v6.2.9 and UpdateProducts Prestashop Module v3.6.9 were discovered to contain a PHPInfo information disclosure vulnerability via send.php. | |||||
| CVE-2023-39675 | 1 Simpleimportproduct Project | 1 Simpleimportproduct | 2024-11-21 | N/A | 9.8 CRITICAL |
| SimpleImportProduct Prestashop Module v6.2.9 was discovered to contain a SQL injection vulnerability via the key parameter at send.php. | |||||