Description

PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 on Windows allows remote attackers to write to arbitrary image files.

Remediation

References

CVE-2018-19124

Related Vulnerabilities

WordPress Plugin Pricing Table Builder-AP Pricing Tables Lite includes Backdoor [Only if downloaded via the vendor website] (1.1.2)

WordPress Plugin link-list-manager Cross-Site Scripting (1.0)

Plupload Cross-site Scripting (XSS) Vulnerability (CVE-2016-4566)

Internet Information Services Other Vulnerability (CVE-1999-0253)

WordPress Plugin Daily Inspiration Generator Cross-Site Scripting (2.0)

Severity

High

Classification

CVE-2018-19124 CWE-22 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities