CVE-2011-4544
- EPSS 1.56%
- Veröffentlicht 01.12.2011 21:55:00
- Zuletzt bearbeitet 29.04.2026 01:13:23
Multiple cross-site scripting (XSS) vulnerabilities in Prestashop before 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) address or (2) relativ_base_dir parameter to modules/mondialrelay/googlemap.php; the (3) relativ_ba...
- EPSS 0.28%
- Veröffentlicht 24.09.2011 00:55:03
- Zuletzt bearbeitet 29.04.2026 01:13:23
PrestaShop 1.4.0.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by product-sort.php and certain other files.
CVE-2008-6503
- EPSS 1%
- Veröffentlicht 20.03.2009 18:30:00
- Zuletzt bearbeitet 23.04.2026 00:35:47
Multiple cross-site scripting (XSS) vulnerabilities in PrestaShop 1.1.0.3 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) admin/login.php and (2) order.php.
- EPSS 0.4%
- Veröffentlicht 31.12.2008 11:30:00
- Zuletzt bearbeitet 23.04.2026 00:35:47
Multiple unspecified vulnerabilities in PrestaShop e-Commerce Solution before 1.1 Beta 2 (aka 1.1.0.1) have unknown impact and attack vectors, related to the (1) bankwire module, (2) cheque module, and other components.