Store Opart

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-50061 1Store Opart 1Op'art Easy Redirect Nov 21, 2024 Feb 8, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 PrestaShop Op'art Easy Redirect >= 1.3.8 and <= 1.3.12 is vulnerable to SQL Injection via Oparteasyredirect::hookActionDispatcher().
CVE-2023-48188 1Store Opart 1Op'art Devis Nov 21, 2024 Nov 27, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 SQL injection vulnerability in PrestaShop opartdevis v.4.5.18 thru v.4.6.12 allows a remote attacker to execute arbitrary code via a crafted script to the getModuleTranslation function.
CVE-2023-36263 2Prestashop Store Opart 2Op'art Limit Quantity Opartlimitquantity Jun 12, 2026 Oct 31, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Prestashop opartlimitquantity 1.4.5 and before is vulnerable to SQL Injection. OpartlimitquantityAlertlimitModuleFrontController::displayAjaxPushAlertMessage()` has sensitive SQL calls that can be executed with a trivial...Show more Prestashop opartlimitquantity 1.4.5 and before is vulnerable to SQL Injection. OpartlimitquantityAlertlimitModuleFrontController::displayAjaxPushAlertMessage()` has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection.Show less
CVE-2023-30148 2Opart Store Opart 2Multi Html Block Multi Html Block Jun 12, 2026 Oct 14, 2023 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Multiple Stored Cross Site Scripting (XSS) vulnerabilities in Opart opartmultihtmlblock before version 2.0.12 and Opart multihtmlblock* version 1.0.0, allows remote authenticated users to inject arbitrary web script or H...Show more Multiple Stored Cross Site Scripting (XSS) vulnerabilities in Opart opartmultihtmlblock before version 2.0.12 and Opart multihtmlblock* version 1.0.0, allows remote authenticated users to inject arbitrary web script or HTML via the body_text or body_text_rude field in /sourcefiles/BlockhtmlClass.php and /sourcefiles/blockhtml.php.Show less
CVE-2023-34576 2Opartfaq Project Store Opart 2Op'art Product Faq Opartfaq Jun 12, 2026 Sep 21, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 SQL injection vulnerability in updatepos.php in PrestaShop opartfaq through 1.0.3 allows remote attackers to run arbitrary SQL commands via unspedified vector.
CVE-2023-34575 2Op'art Save Cart Project Store Opart 2Op'art Save Cart Op'art Save Cart Jun 12, 2026 Sep 20, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 SQL injection vulnerability in PrestaShop opartsavecart through 2.0.7 allows remote attackers to run arbitrary SQL commands via OpartSaveCartDefaultModuleFrontController::initContent() and OpartSaveCartDefaultModuleFront...Show more SQL injection vulnerability in PrestaShop opartsavecart through 2.0.7 allows remote attackers to run arbitrary SQL commands via OpartSaveCartDefaultModuleFrontController::initContent() and OpartSaveCartDefaultModuleFrontController::displayAjaxSendCartByEmail() methods.Show less
CVE-2020-16194 1Store Opart 1Op'art Devis Jan 27, 2026 Feb 4, 2021 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 An Insecure Direct Object Reference (IDOR) vulnerability was found in Prestashop Opart devis < 4.0.2. Unauthenticated attackers can have access to any user's invoice and delivery address by exploiting an IDOR on the deli...Show more An Insecure Direct Object Reference (IDOR) vulnerability was found in Prestashop Opart devis < 4.0.2. Unauthenticated attackers can have access to any user's invoice and delivery address by exploiting an IDOR on the delivery_address and invoice_address fields.Show less