CVSS: 9.1EPSS: 5%CPEs: 2EXPL: 2CVE-2018-13784 – PrestaShop < 1.6.1.19 - 'AES CBC' Privilege Escalation
https://notcve.org/view.php?id=CVE-2018-13784
PrestaShop before 1.6.1.20 and 1.7.x before 1.7.3.4 mishandles cookie encryption in Cookie.php, Rinjdael.php, and Blowfish.php. PrestaShop en versiones anteriores a la 1.6.1.20 y versiones 1.7.x anteriores a la 1.7.3.4 gestiona de manera incorrecta el cifrado de cookies en Cookie.php, Rinjdael.php y Blowfish.php. • https://www.exploit-db.com/exploits/45046 https://www.exploit-db.com/exploits/45047 http://build.prestashop.com/news/prestashop-1-7-3-4-1-6-1-20-maintenance-releases https://github.com/PrestaShop/PrestaShop/pull/9218 https://github.com/PrestaShop/PrestaShop/pull/9222 •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2018-8824
https://notcve.org/view.php?id=CVE-2018-8824
modules/bamegamenu/ajax_phpcode.php in the Responsive Mega Menu (Horizontal+Vertical+Dropdown) Pro module 1.0.32 for PrestaShop 1.5.5.0 through 1.7.2.5 allows remote attackers to execute a SQL Injection through function calls in the code parameter. modules/bamegamenu/ajax_phpcode.php en el módulo Responsive Mega Menu (Horizontal+Vertical+Dropdown) Pro 1.0.32 para PrestaShop de la versión 1.5.5.0 a la 1.7.2.5 permite que atacantes remotos ejecuten una inyección SQL mediante llamadas de función en el parámetro code. • https://ia-informatica.com/it/CVE-2018-8824 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 13%CPEs: 2EXPL: 1CVE-2018-10942
https://notcve.org/view.php?id=CVE-2018-10942
modules/attributewizardpro/file_upload.php in the Attribute Wizard addon 1.6.9 for PrestaShop 1.4.0.1 through 1.6.1.18 allows remote attackers to execute arbitrary code by uploading a .phtml file. modules/attributewizardpro/file_upload.php en el addon Attribute Wizard 1.6.9 para PrestaShop, de la versión 1.4.0.1 a la 1.6.1.18, permite que atacantes remotos ejecuten código arbitrario mediante la subida de un archivo .phtml. • https://ia-informatica.com/it/CVE-2018-10942 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.8EPSS: 24%CPEs: 2EXPL: 1CVE-2018-8823
https://notcve.org/view.php?id=CVE-2018-8823
modules/bamegamenu/ajax_phpcode.php in the Responsive Mega Menu (Horizontal+Vertical+Dropdown) Pro module 1.0.32 for PrestaShop 1.5.5.0 through 1.7.2.5 allows remote attackers to execute arbitrary PHP code via the code parameter. Modules/bamegamenu/ajax_phpcode.php en el módulo Responsive Mega Menu (Horizontal+Vertical+Dropdown) Pro 1.0.32 para PrestaShop, desde la versión 1.5.5.0 hasta la 1.7.2.5, permite que atacantes remotos ejecuten código PHP arbitrario mediante el parámetro code. • https://ia-informatica.com/it/CVE-2018-8823 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-7491
https://notcve.org/view.php?id=CVE-2018-7491
In PrestaShop through 1.7.2.5, a UI-Redressing/Clickjacking vulnerability was found that might lead to state-changing impact in the context of a user or an admin, because the generateHtaccess function in classes/Tools.php sets neither X-Frame-Options nor 'Content-Security-Policy "frame-ancestors' values. En PrestaShop hasta la versión 1.7.2.5, se ha encontrado una vulnerabilidad de secuestro de clics que podría conducir a un impacto que cambia el estado en el contexto de un usuario o administrador. Esto se debe a que la función generateHtaccess function en classes/Tools.php no establece los valores ni de X-Frame-Options ni de 'Content-Security-Policy "frame-ancestors'. • http://forge.prestashop.com/browse/BOOM-4917 https://github.com/PrestaShop/PrestaShop/pull/8807 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •