Filtered by vendor Myprestamodules
Subscribe
Filtered by product Product Catalog \(csv\, Excel\) Import
Subscribe
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-39675 | 1 Myprestamodules | 1 Product Catalog \(csv\, Excel\) Import | 2026-02-18 | N/A | 9.8 CRITICAL |
| SimpleImportProduct Prestashop Module v6.2.9 was discovered to contain a SQL injection vulnerability via the key parameter at send.php. | |||||
| CVE-2023-39677 | 2 Myprestamodules, Updateproducts Project | 2 Product Catalog \(csv\, Excel\) Import, Updateproducts | 2026-02-18 | N/A | 7.5 HIGH |
| MyPrestaModules Prestashop Module v6.2.9 and UpdateProducts Prestashop Module v3.6.9 were discovered to contain a PHPInfo information disclosure vulnerability via send.php. | |||||
| CVE-2024-25846 | 1 Myprestamodules | 1 Product Catalog \(csv\, Excel\) Import | 2026-02-18 | N/A | 9.1 CRITICAL |
| In the module "Product Catalog (CSV, Excel) Import" (simpleimportproduct) <= 6.7.0 from MyPrestaModules for PrestaShop, a guest can upload files with extensions .php. | |||||
| CVE-2024-25847 | 1 Myprestamodules | 1 Product Catalog \(csv\, Excel\) Import | 2025-05-05 | N/A | 9.8 CRITICAL |
| SQL Injection vulnerability in MyPrestaModules "Product Catalog (CSV, Excel) Import" (simpleimportproduct) modules for PrestaShop versions 6.5.0 and before, allows attackers to escalate privileges and obtain sensitive information via Send::__construct() and importProducts::_addDataToDb methods. | |||||