Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

E-Commerce

PrestaShop

PrestaShop e-Commerce Solution was built to take advantage of essential Web 2.0 innovations such as dynamic AJAX-powered features and next-generation ergonomy. PrestaShop guides users through your product catalog intelligently and effortlessly turning intrigued visitors into paying customers.

Official Site:

https://www.prestashop.com/en

Severity Summary:

Critical: 23 High: 14 Medium: 49
Reference
Title
Severity
CVE-2021-21308
PrestaShop Improper Authentication Vulnerability
Critical
CVE-2023-39530
PrestaShop Improper Input Validation Vulnerability
Critical
CVE-2021-3110
PrestaShop Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Critical
CVE-2022-31181
PrestaShop Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Critical
CVE-2018-8823
PrestaShop Improper Control of Generation of Code (Code Injection) Vulnerability
Critical
CVE-2018-8824
PrestaShop Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Critical
CVE-2018-13784
PrestaShop Vulnerability
Critical
CVE-2018-19126
PrestaShop Unrestricted Upload of File with Dangerous Type Vulnerability
Critical
CVE-2018-19355
PrestaShop Unrestricted Upload of File with Dangerous Type Vulnerability
Critical
CVE-2013-6295
PrestaShop Improper Privilege Management Vulnerability
Critical
CVE-2022-21686
PrestaShop Improper Control of Generation of Code (Code Injection) Vulnerability
Critical
CVE-2020-15160
PrestaShop Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Critical
CVE-2023-30838
PrestaShop Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Critical
CVE-2023-39529
PrestaShop Vulnerability
Critical
CVE-2023-31672
PrestaShop Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Critical
CVE-2023-39525
PrestaShop Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Critical
CVE-2021-43789
PrestaShop Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Critical
CVE-2023-39524
PrestaShop Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Critical
CVE-2008-5791
PrestaShop Vulnerability
Critical
CVE-2020-4074
PrestaShop Improper Authentication Vulnerability
Critical
CVE-2023-39526
PrestaShop Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Critical
CVE-2019-19595
PrestaShop Unrestricted Upload of File with Dangerous Type Vulnerability
Critical
CVE-2019-19594
PrestaShop Unrestricted Upload of File with Dangerous Type Vulnerability
Critical
CVE-2020-26224
PrestaShop Vulnerability
High
CVE-2018-7491
PrestaShop Improper Restriction of Rendered UI Layers or Frames Vulnerability
High
CVE-2020-15082
PrestaShop Other Vulnerability
High
CVE-2024-41651
PrestaShop Server-Side Request Forgery (SSRF) Vulnerability
High
CVE-2018-19125
PrestaShop Vulnerability
High
CVE-2018-20717
PrestaShop Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2018-19124
PrestaShop Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
High