Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

PrestaShop Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-41651)

Description

An issue in Prestashop v.8.1.7 and before allows a remote attacker to execute arbitrary code via the module upgrade functionality.

Remediation

References

Related Vulnerabilities

MediaWiki CVE-2023-37301 Vulnerability (CVE-2023-37301)

WordPress Plugin OneLogin SAML SSO Security Bypass (2.2.0)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2154)

WordPress Plugin GD Star Rating 'export.php' Security Bypass (1.9.18)

Apache HTTP Server CVE-2019-0190 Vulnerability (CVE-2019-0190)

Severity

High

Classification

CVE-2024-41651 CWE-918 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities