CVE-2023-33777

An issue in /functions/fbaorder.php of Prestashop amazon before v5.2.24 allows attackers to execute a directory traversal attack.
Configurations

Configuration 1 (hide)

cpe:2.3:a:prestashop:amazon:*:*:*:*:*:*:*:*

History

21 Nov 2024, 08:05

Type Values Removed Values Added
References () https://addons.prestashop.com/fr/marketplace/2501-amazon-market-place.html - Vendor Advisory () https://addons.prestashop.com/fr/marketplace/2501-amazon-market-place.html - Vendor Advisory
References () https://security.friendsofpresta.org/modules/2023/07/13/amazon.html?_sm_pdc=1&_sm_rid=8j3vvHn3kPrR9r7QVvHpFPR9WHVDpvvHP9PLPMj - Third Party Advisory () https://security.friendsofpresta.org/modules/2023/07/13/amazon.html?_sm_pdc=1&_sm_rid=8j3vvHn3kPrR9r7QVvHpFPR9WHVDpvvHP9PLPMj - Third Party Advisory

31 Jul 2023, 18:36

Type Values Removed Values Added
CPE cpe:2.3:a:prestashop:amazon:*:*:*:*:*:*:*:*
CWE CWE-22
References (MISC) https://addons.prestashop.com/fr/marketplace/2501-amazon-market-place.html - (MISC) https://addons.prestashop.com/fr/marketplace/2501-amazon-market-place.html - Vendor Advisory
References (MISC) https://security.friendsofpresta.org/modules/2023/07/13/amazon.html?_sm_pdc=1&_sm_rid=8j3vvHn3kPrR9r7QVvHpFPR9WHVDpvvHP9PLPMj - (MISC) https://security.friendsofpresta.org/modules/2023/07/13/amazon.html?_sm_pdc=1&_sm_rid=8j3vvHn3kPrR9r7QVvHpFPR9WHVDpvvHP9PLPMj - Third Party Advisory
First Time Prestashop
Prestashop amazon
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.3

25 Jul 2023, 01:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-07-25 01:15

Updated : 2024-11-21 08:05


NVD link : CVE-2023-33777

Mitre link : CVE-2023-33777

CVE.ORG link : CVE-2023-33777


JSON object : View

Products Affected

prestashop

  • amazon
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')