Prestashop Ps Facetedsearch vulnerabilities
2 known vulnerabilities affecting prestashop/ps_facetedsearch.
Total CVEs
2
CISA KEV
1
actively exploited
Public exploits
1
Exploited in wild
1
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2020-5277MEDIUMCVSS 5.4fixed in 3.5.02020-03-25
CVE-2020-5277 [MEDIUM] CWE-79 CVE-2020-5277: PrestaShop module ps_facetedsearch versions before 3.5.0 has a reflected XSS with `url_name` paramet
PrestaShop module ps_facetedsearch versions before 3.5.0 has a reflected XSS with `url_name` parameter. The problem is fixed in 3.5.0
cvelistv5nvd
CVE-2017-9841CRITICALCVSS 9.8KEVPoC≥ 0, < 3.4.12020-01-07
CVE-2017-9841 [CRITICAL] PrestaShop module ps_facetedsearch might be vulnerable from CVE-2017-9841
PrestaShop module ps_facetedsearch might be vulnerable from CVE-2017-9841
### Impact
We have identified that some ps_facetedsearch module ZIP archives have been built with phpunit dev dependencies. PHPUnit contains a php script that would allow, on a webserver, an attacker to perform a RCE.
This vulnerability impacts
- phpunit before 4.8.28 and 5.x before 5.6.3 as reported in [CVE-2017-9841](htt
ghsaosv