← Back

Product Catalog (csv, Excel) Import

product_catalog_(csv,_excel)_import

Vendor: Myprestamodules • 4 CVEs

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-25847
1Myprestamodules
1Product Catalog (csv, Excel) Import
May 5, 2025
Mar 3, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
SQL Injection vulnerability in MyPrestaModules "Product Catalog (CSV, Excel) Import" (simpleimportproduct) modules for PrestaShop versions 6.5.0 and before, allows attackers to escalate privileges and obtain sensitive in...Show more
SQL Injection vulnerability in MyPrestaModules "Product Catalog (CSV, Excel) Import" (simpleimportproduct) modules for PrestaShop versions 6.5.0 and before, allows attackers to escalate privileges and obtain sensitive information via Send::__construct() and importProducts::_addDataToDb methods.Show less
CVE-2024-25846
2Myprestamodules
Simpleimportproduct Project
2Product Catalog (csv, Excel) Import
Simpleimportproduct
Feb 18, 2026
Feb 27, 2024
N/A· v4
9.1 CRITICAL· v3
N/A· v2
In the module "Product Catalog (CSV, Excel) Import" (simpleimportproduct) <= 6.7.0 from MyPrestaModules for PrestaShop, a guest can upload files with extensions .php.
CVE-2023-39675
2Myprestamodules
Simpleimportproduct Project
2Product Catalog (csv, Excel) Import
Simpleimportproduct
Feb 18, 2026
Sep 20, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
SimpleImportProduct Prestashop Module v6.2.9 was discovered to contain a SQL injection vulnerability via the key parameter at send.php.
CVE-2023-39677
3Myprestamodules
Simpleimportproduct ProjectUpdateproducts Project
3Product Catalog (csv, Excel) Import
SimpleimportproductUpdateproducts
Feb 18, 2026
Sep 20, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
MyPrestaModules Prestashop Module v6.2.9 and UpdateProducts Prestashop Module v3.6.9 were discovered to contain a PHPInfo information disclosure vulnerability via send.php.