An issue in /functions/fbaorder.php of Prestashop amazon before v5.2.24 allows attackers to execute a directory traversal attack.
References
Link | Resource |
---|---|
https://addons.prestashop.com/fr/marketplace/2501-amazon-market-place.html | Vendor Advisory |
https://security.friendsofpresta.org/modules/2023/07/13/amazon.html?_sm_pdc=1&_sm_rid=8j3vvHn3kPrR9r7QVvHpFPR9WHVDpvvHP9PLPMj | Third Party Advisory |
Configurations
History
31 Jul 2023, 18:36
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:prestashop:amazon:*:*:*:*:*:*:*:* | |
CWE | CWE-22 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.3 |
References | (MISC) https://addons.prestashop.com/fr/marketplace/2501-amazon-market-place.html - Vendor Advisory | |
References | (MISC) https://security.friendsofpresta.org/modules/2023/07/13/amazon.html?_sm_pdc=1&_sm_rid=8j3vvHn3kPrR9r7QVvHpFPR9WHVDpvvHP9PLPMj - Third Party Advisory | |
First Time |
Prestashop
Prestashop amazon |
25 Jul 2023, 01:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-07-25 01:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-33777
Mitre link : CVE-2023-33777
CVE.ORG link : CVE-2023-33777
JSON object : View
Products Affected
prestashop
- amazon
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')