Customer Files Upload

customer_files_upload

Vendor: Mypresta • 1 CVE

CVEs (1)

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2018-19355

2Mypresta

Prestashop

2Customer Files Upload

Prestashop

Nov 21, 2024

Nov 19, 2018

N/A· v4

9.8 CRITICAL· v3

7.5 HIGH· v2

modules/orderfiles/ajax/upload.php in the Customer Files Upload addon 2018-08-01 for PrestaShop (1.5 through 1.7) allows remote attackers to execute arbitrary code by uploading a php file via modules/orderfiles/upload.php with auptype equal to product (for upload destinations under modules/productfiles), order (for upload destinations under modules/files), or cart (for upload destinations under modules/cartfiles).Show less