Vulnerabilities (CVE)

Filtered by vendor Common-services Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-40921 1 Common-services 1 Soliberte 2024-10-08 N/A 9.8 CRITICAL
SQL Injection vulnerability in functions/point_list.php in Common Services soliberte before v4.3.03 allows attackers to obtain sensitive information via the lat and lng parameters.
CVE-2023-45383 1 Common-services 1 Sonice Etiquetage 2024-09-13 N/A 7.5 HIGH
In the module "SoNice etiquetage" (sonice_etiquetage) up to version 2.5.9 from Common-Services for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. Due to a lack of permissions control and a lack of control in the path name construction, a guest can perform a path traversal to view all files on the information system.
CVE-2023-45382 1 Common-services 1 Sonice Retour 2024-08-12 N/A 7.5 HIGH
In the module "SoNice Retour" (sonice_retour) up to version 2.1.0 from Common-Services for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. Due to a lack of permissions control and a lack of control in the path name construction, a guest can perform a path traversal to view all files on the information system.