Secure peace of mind with Cyber Legion—Your Trusted Cybersecurity Partner.

Speak With a Security Expert

Elevate your cybersecurity posture with our expert and strategic security solutions

Experience the assurance of CREST Certified Penetration Testing services

CVE-2023-46346

In the module “Product Catalog (CSV, Excel, XML) Export PRO” (exportproducts) in versions up to 4.1.1 from MyPrestaModules for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. Due to a lack of permissions control and a lack of control in the path name construction, a guest can perform a path traversal to view all files on the information system. (CVSS:7.5) (EPSS:0.09%) (Last Update:2023-11-01 18:15:43)   Latest security vulnerabilities (Directory Traversal) (CVSS score >= 4) – Deprecated! See channel description 

​  

More To Explore