WEB APPLICATION VULNERABILITIES Standard & Premium

PrestaShop Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-19124)

Description

PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 on Windows allows remote attackers to write to arbitrary image files.

Remediation

References

Related Vulnerabilities

Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-38902)

WordPress Plugin WooCommerce Arbitrary File Deletion (3.4.5)

WordPress Plugin HAL Cross-Site Scripting (2.1.1)

WordPress Plugin Fancy Product Designer-WooCommerce Cross-Site Scripting (4.5.0)

Apache HTTP Server Cryptographic Issues Vulnerability (CVE-2009-3555)

Severity

High

Classification

CVE-2018-19124 CWE-22 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities