Prestalife

prestalife

3 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Product Designer

product_designer

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-26469 1Prestalife 1Product Designer Jun 17, 2026 Mar 3, 2024 N/A· v4 8.1 HIGH· v3 N/A· v2 Server-Side Request Forgery (SSRF) vulnerability in Tunis Soft "Product Designer" (productdesigner) module for PrestaShop before version 1.178.36, allows remote attackers to cause a denial of service (DoS) and escalate p...Show more Server-Side Request Forgery (SSRF) vulnerability in Tunis Soft "Product Designer" (productdesigner) module for PrestaShop before version 1.178.36, allows remote attackers to cause a denial of service (DoS) and escalate privileges via the url parameter in the postProcess() method.Show less
CVE-2024-24302 1Prestalife 1Product Designer Jun 17, 2026 Mar 3, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue was discovered in Tunis Soft "Product Designer" (productdesigner) module for PrestaShop before version 1.178.36, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive infor...Show more An issue was discovered in Tunis Soft "Product Designer" (productdesigner) module for PrestaShop before version 1.178.36, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via the postProcess() method.Show less
CVE-2024-24307 1Prestalife 1Product Designer Jun 17, 2026 Mar 3, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Path Traversal vulnerability in Tunis Soft "Product Designer" (productdesigner) module for PrestaShop before version 1.178.36, allows a remote attacker to escalate privileges and obtain sensitive information via the ajax...Show more Path Traversal vulnerability in Tunis Soft "Product Designer" (productdesigner) module for PrestaShop before version 1.178.36, allows a remote attacker to escalate privileges and obtain sensitive information via the ajaxProcessCropImage() method.Show less