Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (5 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-28395 2 Best-kit, Prestashopmodules 2 Bestkit Popup, Bestkit Popup 2025-09-18 9.8 Critical
SQL injection vulnerability in Best-Kit bestkit_popup v.1.7.2 and before allows a remote attacker to escalate privileges via the bestkit_popup.php component.
CVE-2023-50028 1 Prestashopmodules 1 Sliding Cart Block 2025-06-02 9.8 Critical
In the module "Sliding cart block" (blockslidingcart) up to version 2.3.8 from PrestashopModules.eu for PrestaShop, a guest can perform SQL injection.
CVE-2024-24307 2 Prestalife, Prestashopmodules 2 Product Designer, Productdesigner 2025-05-15 7.5 High
Path Traversal vulnerability in Tunis Soft "Product Designer" (productdesigner) module for PrestaShop before version 1.178.36, allows a remote attacker to escalate privileges and obtain sensitive information via the ajaxProcessCropImage() method.
CVE-2024-33268 1 Prestashopmodules 1 Mdgiftproduct 2024-11-21 9.8 Critical
SQL Injection vulnerability in Digincube mdgiftproduct before 1.4.1 allows an attacker to run arbitrary SQL commands via the MdGiftRule::addGiftToCart method.
CVE-2024-2759 1 Prestashopmodules 1 Apaczka 2024-11-21 7.5 High
Improper access control vulnerability in Apaczka plugin for PrestaShop allows information gathering from saved templates without authentication.This issue affects Apaczka plugin for PrestaShop from v1 through v4.