CVE-2024-2759
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Improper access control vulnerability in Apaczka plugin for PrestaShop allows information gathering from saved templates without authentication.This issue affects Apaczka plugin for PrestaShop from v1 through v4.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Alsendo Sp. z o. o. | Apaczka | v1 <= v4 | affected |
Weaknesses
- CWE-552: CWE-552 Files or Directories Accessible to External Parties
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.