Mpay24 Project Mpay24 vulnerabilities
2 known vulnerabilities affecting mpay24_project/mpay24.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2014-2008P3HIGHCVSS 7.5PoC≤ 1.5.1v1.4.0+10 more2014-09-12
CVE-2014-2008 [HIGH] CWE-89 CVE-2014-2008: SQL injection vulnerability in confirm.php in the mPAY24 payment module before 1.6 for PrestaShop al
SQL injection vulnerability in confirm.php in the mPAY24 payment module before 1.6 for PrestaShop allows remote attackers to execute arbitrary SQL commands via the TID parameter.
nvd
CVE-2014-2009P4MEDIUMCVSS 5.0PoC≤ 1.5.1v1.4.0+10 more2014-09-12
CVE-2014-2009 [MEDIUM] CWE-200 CVE-2014-2009: The mPAY24 payment module before 1.6 for PrestaShop allows remote attackers to obtain credentials, t
The mPAY24 payment module before 1.6 for PrestaShop allows remote attackers to obtain credentials, the installation path, and other sensitive information via a direct request to api/curllog.log.
nvd