all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2023-43664 (prestashop)

Add to bookmarks
Sept. 28, 2023, 7:15 p.m. |

National Vulnerability Database web.nvd.nist.gov

PrestaShop is an Open Source e-commerce web application. In the Prestashop Back office interface, an employee can list all modules without any access rights: method `ajaxProcessGetPossibleHookingListForModule` doesn't check access rights. This issue has been addressed in commit `15bd281c` which is included in version 8.1.2. Users are advised to upgrade. There are no known workaround for this issue.

access access rights application back check commerce commit cve e-commerce employee interface issue list modules office open source prestashop rights upgrade version web web application workaround

Visit resource

More from web.nvd.nist.gov / National Vulnerability Database

CVE-2023-45955 (lightstrip_firmware) 6 months ago | web.nvd.nist.gov
attackers cve denial of service issue +1
CVE-2023-40101 (android) 6 months ago | web.nvd.nist.gov
android check collapse cve +7
CVE-2023-21377 (android) 6 months ago | web.nvd.nist.gov
android bypass cve disclosure +8
CVE-2023-21380 (android) 6 months ago | web.nvd.nist.gov
android bluetooth buffer buffer overflow +9
CVE-2023-21382 (android) 6 months ago | web.nvd.nist.gov
access android check cve +11
CVE-2023-21381 (android) 6 months ago | web.nvd.nist.gov
android arbitrary code code code execution +10
CVE-2023-21385 (android) 6 months ago | web.nvd.nist.gov
android corruption cve disclosure +7
CVE-2023-21387 (android) 6 months ago | web.nvd.nist.gov
android backup bypass cve +11
CVE-2023-21389 (android) 6 months ago | web.nvd.nist.gov
android bypass check cve +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior Security Specialist, Forsah Technical and Vocational Education and Training (Forsah TVET) (NEW)

@ IREX | Ramallah, West Bank, Palestinian National Authority
View on infosec-jobs.com

Consultant(e) Junior Cybersécurité

@ Sia Partners | Paris, France
View on infosec-jobs.com

Senior Network Security Engineer

@ NielsenIQ | Mexico City, Mexico
View on infosec-jobs.com

Senior Consultant, Payment Intelligence

@ Visa | Washington, DC, United States
View on infosec-jobs.com

Corporate Counsel, Compliance

@ Okta | San Francisco, CA; Bellevue, WA; Chicago, IL; New York City; Washington, DC; Austin, TX
View on infosec-jobs.com

Security Operations Engineer

@ Samsara | Remote - US
View on infosec-jobs.com
View more jobs