Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

E-Commerce

PrestaShop

PrestaShop e-Commerce Solution was built to take advantage of essential Web 2.0 innovations such as dynamic AJAX-powered features and next-generation ergonomy. PrestaShop guides users through your product catalog intelligently and effortlessly turning intrigued visitors into paying customers.

Official Site:

https://www.prestashop.com/en

Severity Summary:

Critical: 23 High: 14 Medium: 49
Reference
Title
Severity
CVE-2023-39528
PrestaShop Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
High
CVE-2023-25170
PrestaShop Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2023-30839
PrestaShop Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2013-6358
PrestaShop Unrestricted Upload of File with Dangerous Type Vulnerability
High
CVE-2021-21302
PrestaShop Improper Neutralization of Formula Elements in a CSV File Vulnerability
High
CVE-2023-30151
PrestaShop Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2019-13461
PrestaShop Authorization Bypass Through User-Controlled Key Vulnerability
High
CVE-2021-21398
PrestaShop Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2012-20001
PrestaShop Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-15162
PrestaShop Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-21967
PrestaShop Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2011-3796
PrestaShop Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2022-46158
PrestaShop Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2023-30545
PrestaShop Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Medium
CVE-2023-31508
PrestaShop Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-39527
PrestaShop Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-43663
PrestaShop Improper Privilege Management Vulnerability
Medium
CVE-2023-43664
PrestaShop Improper Privilege Management Vulnerability
Medium
CVE-2024-21627
PrestaShop Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2024-21628
PrestaShop Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2024-26129
PrestaShop Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Medium
CVE-2024-34716
PrestaShop Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2008-6503
PrestaShop Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2013-4791
PrestaShop Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2011-4544
PrestaShop Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-5276
PrestaShop Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-15161
PrestaShop Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-15083
PrestaShop Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-15081
PrestaShop Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2020-15080
PrestaShop Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium