VIR Vulnerability Intelligence Relay

Package impact

php Packagist / prestashop/prestashop

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2026-44212 critical 9.3 9.3 19d ago PrestaShop has a stored XSS executable in customer service view php
CVE-2026-33673 unknown 2mo ago PrestaShop has multiple stored XSS vulnerabilities via unprotected Template variables php
CVE-2026-33674 unknown 2mo ago PrestaShop: Improper Use of Validation Framework php
CVE-2026-25597 unknown 4mo ago PrestaShop affected by time based enumeration in FO login form php
CVE-2025-51586 unknown 9mo ago Presta Shop vulnerable to email enumeration php
CVE-2024-34717 unknown 2y ago Anonymous PrestaShop customer can download other customers' invoices php
CVE-2024-34716 unknown 2y ago PrestaShop cross-site scripting via customer contact form in FO, through file upload php
CVE-2024-26129 unknown 2y ago Path disclosure in JavaScript variable php
CVE-2024-21628 unknown 2y ago PrestaShop XSS can be stored in DB from "add a message form" in order detail page (FO) php
CVE-2024-21627 unknown 2y ago PrestaShop some attribute not escaped in Validate::isCleanHTML method php
CVE-2023-43663 unknown 3y ago PrestaShop allows users to uninstall modules from backoffice, even with low rights php
CVE-2023-43664 unknown 3y ago PrestaShop allows employee without any access rights to list all installed modules php
CVE-2023-39530 unknown 3y ago PrestaShop file deletion via CustomerMessage php
CVE-2023-39529 unknown 3y ago PrestaShop file deletion via attachment API php
CVE-2023-39528 unknown 3y ago PrestaShop file access through path traversal php
CVE-2023-39527 unknown 3y ago PrestaShop XSS injection through Validate::isCleanHTML method php
CVE-2023-39526 unknown 3y ago PrestaShop SQL manager vulnerability php
CVE-2023-39525 unknown 3y ago PrestaShop path traversal php
CVE-2023-39524 unknown 3y ago PrestaShop boolean SQL injection php
CVE-2023-30545 unknown 3y ago Arbitrary file read via SQL injection php
CVE-2023-30838 unknown 3y ago Possible XSS injection through Validate::isCleanHTML method php
CVE-2023-30839 unknown 3y ago SQL filter bypass leading to arbitrary write requests using "SQL Manager" php
CVE-2023-25170 unknown 3y ago Possible CSRF token fixation php
CVE-2022-46158 unknown 4y ago PrestaShop has potential Information exposure in the upload directory php
CVE-2022-31181 unknown 4y ago PrestaShop eval injection possible if shop vulnerable to SQL injection php
CVE-2019-11876 unknown 4y ago PrestaShop Cross-site Scripting vulnerability php
CVE-2018-20717 unknown 4y ago PrestaShop PHP Object Injection php
CVE-2013-4791 unknown 4y ago PrestaShop Stored Cross-Site Scripting Vulnerability php
CVE-2012-20001 unknown 4y ago PrestaShop XSS Vulnerability php
CVE-2022-21686 unknown 4y ago Server Side Twig Template Injection php
CVE-2021-43789 unknown 5y ago SQL injection in prestashop/prestashop php