Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In the module "Order Duplicator " Clone and Delete Existing Order" (orderduplicate) in version <= 1.1.7 from Silbersaiten for PrestaShop, a guest can download personal information without restriction. Due to a lack of permissions control, a guest can download personal information from ps_customer/ps_address tables such as name / surname / phone number / full postal address.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PrestaShop Order Duplicator 安全漏洞
Vulnerability Description
PrestaShop是美国PrestaShop公司的一套开源的电子商务解决方案。该方案提供多种支付方式、短消息提醒和商品图片缩放等功能。 PrestaShop Order Duplicator——Clone and Delete Existing Order 1.7 版本存在安全漏洞,该漏洞源于缺乏权限控制,攻击者利用该漏洞可以从 ps_customer/ps_address 表下载个人信息,例如:姓名、电话号码、完整邮政地址。
CVSS Information
N/A
Vulnerability Type
N/A