This is a list of officially reported information-security vulnerabilities and exposures with high or critical security impact (CVSS score 7 or higher) which were published in the CVE list in the last seven days. The data is downloaded from the National Vulnerability Database. Important notice: the allocation or reservation of a CVE ID does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Common Vulnerabilities and ExposuresMichael Koch2019-04-10T15:49:10-04:00
This information was last updated on Wednesday, July 8, 05:00 AM GMT.
Thursday, July 2
In PrestaShop from version 126.96.36.199 and before version 188.8.131.52, the dashboard allows rewriting all configuration variables. The problem is fixed in 184.108.40.206
In PrestaShop from version 220.127.116.11 and before version 18.104.22.168, the authentication system is malformed and an attacker is able to forge requests and execute admin commands. The problem is fixed in 22.214.171.124.