NotCVE - "escalate privileges"

Page 102 of 3512 results (0.025 seconds)

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0

CVE-2024-25847

https://notcve.org/view.php?id=CVE-2024-25847

SQL Injection vulnerability in MyPrestaModules "Product Catalog (CSV, Excel) Import" (simpleimportproduct) modules for PrestaShop versions 6.5.0 and before, allows attackers to escalate privileges and obtain sensitive information via Send::__construct() and importProducts::_addDataToDb methods. • https://github.com/friends-of-presta/security-advisories/blob/main/_posts/2024-02-29-simpleimportproduct.md • CWE-269: Improper Privilege Management •

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0

CVE-2024-24302

https://notcve.org/view.php?id=CVE-2024-24302

An issue was discovered in Tunis Soft "Product Designer" (productdesigner) module for PrestaShop before version 1.178.36, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via the postProcess() method. • https://github.com/friends-of-presta/security-advisories/blob/main/_posts/2024-02-29-productdesigner-502.md • CWE-502: Deserialization of Untrusted Data •

CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0

CVE-2024-24307

https://notcve.org/view.php?id=CVE-2024-24307

Path Traversal vulnerability in Tunis Soft "Product Designer" (productdesigner) module for PrestaShop before version 1.178.36, allows a remote attacker to escalate privileges and obtain sensitive information via the ajaxProcessCropImage() method. • https://github.com/friends-of-presta/security-advisories/blob/main/_posts/2024-02-29-productdesigner-22.md • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: -EPSS: 0%CPEs: -EXPL: 0

CVE-2024-25844

https://notcve.org/view.php?id=CVE-2024-25844

An issue was discovered in Common-Services "So Flexibilite" (soflexibilite) module for PrestaShop before version 4.1.26, allows remote attackers to escalate privileges and obtain sensitive information via debug file. • https://github.com/friends-of-presta/security-advisories/blob/main/_posts/2024-02-29-soflexibilite.md •

CVSS: -EPSS: 0%CPEs: -EXPL: 0

CVE-2024-26469

https://notcve.org/view.php?id=CVE-2024-26469

Server-Side Request Forgery (SSRF) vulnerability in Tunis Soft "Product Designer" (productdesigner) module for PrestaShop before version 1.178.36, allows remote attackers to cause a denial of service (DoS) and escalate privileges via the url parameter in the postProcess() method. • https://github.com/friends-of-presta/security-advisories/blob/main/_posts/2024-02-29-productdesigner-918.md •

1...100 101 102 103 104