Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Storecommander Security Vulnerabilities

cve
cve

CVE-2023-30281

Insecure permissions vulnerability was discovered, due to a lack of permissions’s control in scquickaccounting before v3.7.3 from Store Commander for PrestaShop, a guest can access exports from the module which can lead to leak of personnal informations from ps_customer table sush as name / surname...

6.5CVSS

6.3AI Score

0.001EPSS

2023-05-16 08:15 PM
15
cve
cve

CVE-2023-33278

In the Store Commander scexportcustomers module for PrestaShop through 3.6.1, sensitive SQL calls can be executed with a trivial HTTP request and exploited to forge a blind SQL injection.

9.8CVSS

9.7AI Score

0.002EPSS

2023-05-25 08:15 PM
13
cve
cve

CVE-2023-33280

In the Store Commander scquickaccounting module for PrestaShop through 3.7.3, multiple sensitive SQL calls can be executed with a trivial HTTP request and exploited to forge a blind SQL injection.

9.8CVSS

9.7AI Score

0.002EPSS

2023-05-25 08:15 PM
18