N/A

An issue was discovered in the tshirtecommerce (aka Custom Product Designer) component 2.1.4 for PrestaShop. An HTTP request can be forged with the POST parameter file_name in the tshirtecommerce/ajax.php?type=svg endpoint, to allow a remote attacker to traverse directories on the system in order to open files (without restriction on the extension and path). Only files that can be parsed in XML can be opened. This is exploited in the wild in March 2023.

N/A

N/A

PrestaShop 路径遍历漏洞

PrestaShop是美国PrestaShop公司的一套开源的电子商务解决方案。该方案提供多种支付方式、短消息提醒和商品图片缩放等功能。 PrestaShop tshirtecommerce 2.1.4及之前版本存在安全漏洞，该漏洞源于可以使用端点中的GET 参数来请求tshirtecommerce/fonts.php，攻击者利用该漏洞能够在系统上执行目录遍历并打开文件，而不受扩展名和路径的限制。

N/A

N/A