Page 8 of 51 results (0.005 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

In PrestaShop between versions 1.6.0.0 and 1.7.6.5, there is a reflected XSS with `date_from` and `date_to` parameters in the dashboard page This problem is fixed in 1.7.6.5 En PrestaShop entre las versiones 1.6.0.0 y 1.7.6.5, hay una vulnerabilidad de tipo XSS reflejado con los parámetros "date_from" y "date_to" en la página del panel de control. Este problema es corregido en la versión 1.7.6.5 • https://github.com/PrestaShop/PrestaShop/commit/c464518d2aaf195007a1eb055fce64a9a027e00a https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-m2x6-c2c6-pjrx • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

In PrestaShop between versions 1.5.5.0 and 1.7.6.5, there is a reflected XSS on Search page with `alias` and `search` parameters. The problem is patched in 1.7.6.5 En PrestaShop entre las versiones 1.5.5.0 y 1.7.6.5, hay una vulnerabilidad de tipo XSS reflejado en la página Search con los parámetros "alias" y "search". El problema está solucionado en la versión 1.7.6.5 • https://github.com/PrestaShop/PrestaShop/commit/d3bf027fa37e8105fed3c809d636ebe787e43f46 https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-rpg3-f23r-jmqv • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

In PrestaShop between versions 1.5.4.0 and 1.7.6.5, there is a reflected XSS on Exception page The problem is fixed in 1.7.6.5 En PrestaShop entre las versiones 1.5.4.0 y 1.7.6.5, hay una vulnerabilidad de tipo XSS reflejado en la página Exception. El problema es corregido en la versión 1.7.6.5 • https://github.com/PrestaShop/PrestaShop/commit/ea85210d6e5d81f058b55764bc4608cdb0b36c5d https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-mrpj-67mq-3fr5 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

In PrestaShop between versions 1.5.0.0 and 1.7.6.5, there are improper access control since the the version 1.5.0.0 for legacy controllers. - admin-dev/index.php/configure/shop/customer-preferences/ - admin-dev/index.php/improve/international/translations/ - admin-dev/index.php/improve/international/geolocation/ - admin-dev/index.php/improve/international/localization - admin-dev/index.php/configure/advanced/performance - admin-dev/index.php/sell/orders/delivery-slips/ - admin-dev/index.php?controller=AdminStatuses The problem is fixed in 1.7.6.5 En PrestaShop entre las versiones 1.5.0.0 y 1.7.6.5, hay un control de acceso inapropiado desde la versión 1.5.0.0 para controladores heredados. - admin-dev/index.php/configure/shop/customer-preferences/ - admin-dev/index.php/improve/international/translations/ - admin-dev/index.php/improve/international/geolocation/ - admin-dev/index.php/improve/international/localization - admin-dev/index.php/configure/advanced/performance - admin-dev/index.php/sell/orders/delivery-slips/ - admin-dev/index.php?controller=AdminStatuses. El problema es corregido en la versión 1.7.6.5 • https://github.com/PrestaShop/PrestaShop/commit/4444fb85761667a2206874a3112ccc77f657d76a https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-74vp-ww64-w2gm • CWE-284: Improper Access Control CWE-863: Incorrect Authorization •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

In PrestaShop before version 1.7.6.5, there is a reflected XSS while running the security compromised page. It allows anyone to execute arbitrary action. The problem is patched in the 1.7.6.5. En PrestaShop versiones anteriores a 1.7.6.5, hay una vulnerabilidad de tipo XSS reflejado mientras se ejecuta la página security compromised. Permite a cualquiera ejecutar una acción arbitraria. • https://github.com/PrestaShop/PrestaShop/commit/06b7765c91c58e09ab4f8ddafbde02070fcb6f3a https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-48vj-vvr6-jj4f • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •