PrestaShop is an open source e-commerce web application. Versions prior to 8.2.5 and 9.1.0 improperly use the validation framework. Versions 8.2.5 and 9.1.0 contain a fix. No known workarounds are available.
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:NPrestashop
APPPrestashop< 8.2.59.0.0 – 9.1.0 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
Related vulnerabilities
CVE-2024-34716CRITICAL9.6PL ✓ten sam produkt
XSS w PrestaShop umożliwiający przejęcie sesji administratora
CVE-2023-39526CRITICAL9.1ten sam produkt
PrestaShop is an open source e-commerce web application. Versions prior to 1.7.8.10, 8.0.5, and 8.1.1 are vuln...
CVE-2023-30149CRITICAL9.8ten sam produkt
SQL injection vulnerability in the City Autocomplete (cityautocomplete) module from ebewe.net for PrestaShop, ...
CVE-2023-30839CRITICAL9.9ten sam produkt
PrestaShop is an Open Source e-commerce web application. Versions prior to 8.0.4 and 1.7.8.9 contain a SQL fil...
CVE-2022-31181CRITICAL9.8ten sam produkt
PrestaShop is an Open Source e-commerce platform. In versions from 1.6.0.10 and before 1.7.8.7 PrestaShop is s...