- EPSS 3.77%
- Veröffentlicht 02.12.2011 11:55:05
- Zuletzt bearbeitet 16.06.2026 23:35:01
CRLF injection vulnerability in admin/displayImage.php in Prestashop 1.4.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the name parameter.
CVE-2011-4544
- EPSS 3.31%
- Veröffentlicht 01.12.2011 21:55:00
- Zuletzt bearbeitet 16.06.2026 23:35:01
Multiple cross-site scripting (XSS) vulnerabilities in Prestashop before 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) address or (2) relativ_base_dir parameter to modules/mondialrelay/googlemap.php; the (3) relativ_ba...
- EPSS 1.93%
- Veröffentlicht 24.09.2011 00:55:03
- Zuletzt bearbeitet 16.06.2026 23:33:56
PrestaShop 1.4.0.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by product-sort.php and certain other files.
CVE-2008-6503
- EPSS 1.52%
- Veröffentlicht 20.03.2009 18:30:00
- Zuletzt bearbeitet 16.06.2026 23:02:20
Multiple cross-site scripting (XSS) vulnerabilities in PrestaShop 1.1.0.3 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) admin/login.php and (2) order.php.
- EPSS 1.54%
- Veröffentlicht 31.12.2008 11:30:00
- Zuletzt bearbeitet 16.06.2026 23:01:00
Multiple unspecified vulnerabilities in PrestaShop e-Commerce Solution before 1.1 Beta 2 (aka 1.1.0.1) have unknown impact and attack vectors, related to the (1) bankwire module, (2) cheque module, and other components.