CVE-2023-27639
- EPSS 79.83%
- Veröffentlicht 01.06.2023 21:15:09
- Zuletzt bearbeitet 09.01.2025 20:15:31
An issue was discovered in the tshirtecommerce (aka Custom Product Designer) component 2.1.4 for PrestaShop. An HTTP request can be forged with the POST parameter file_name in the tshirtecommerce/ajax.php?type=svg endpoint, to allow a remote attacker...
CVE-2023-27640
- EPSS 79.83%
- Veröffentlicht 01.06.2023 21:15:09
- Zuletzt bearbeitet 08.01.2025 21:15:07
An issue was discovered in the tshirtecommerce (aka Custom Product Designer) component 2.1.4 for PrestaShop. An HTTP request can be forged with the POST parameter type in the /tshirtecommerce/fonts.php endpoint, to allow a remote attacker to traverse...
CVE-2023-27637
- EPSS 58.69%
- Veröffentlicht 22.03.2023 13:15:10
- Zuletzt bearbeitet 26.02.2025 16:15:13
An issue was discovered in the tshirtecommerce (aka Custom Product Designer) component 2.1.4 for PrestaShop. An HTTP request can be forged with a compromised product_id GET parameter in order to exploit an insecure parameter in the front controller f...
CVE-2023-27638
- EPSS 58.69%
- Veröffentlicht 22.03.2023 13:15:10
- Zuletzt bearbeitet 26.02.2025 16:15:14
An issue was discovered in the tshirtecommerce (aka Custom Product Designer) component 2.1.4 for PrestaShop. An HTTP request can be forged with a compromised tshirtecommerce_design_cart_id GET parameter in order to exploit an insecure parameter in th...