Lucene search

K
nvd[email protected]NVD:CVE-2024-36682
HistoryJun 24, 2024 - 10:15 p.m.

CVE-2024-36682

2024-06-2422:15:10
web.nvd.nist.gov
7
prestashop
theme settings
promokit.eu
security vulnerability
email access

0.0004 Low

EPSS

Percentile

9.2%

In the module β€œTheme settings” (pk_themesettings) <= 1.8.8 from Promokit.eu for PrestaShop, a guest can download all email collected while SHOP is in maintenance mode. Due to a lack of permissions control, a guest can access the txt file which collect email when maintenance is enable which can lead to leak of personal information.

0.0004 Low

EPSS

Percentile

9.2%

Related for NVD:CVE-2024-36682