Approved changes feed: RSS · Atom

cpe:2.3:a:myprestamodules:orders_\(csv\,_excel\)_export_pro:*:*:*:*:*:prestashop:*:*

part: a version: * update: *

VendorMyprestamodules (231d50de-4037-5793-8571-4ec38db6be23)
ProductOrders (Csv, Excel) Export Pro (f5122f9d-f4e5-5e54-ab50-0c3b46c64c30)
Edition*
Language*
Software edition*
Target softwareprestashop
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2024-28396 vulnerable 2026-06-08 06:33:26.954842 Details available
An issue in MyPrestaModules ordersexport v.6.0.2 and before allows a remote attacker to execute arbitrary code via the download.php component.
Published: 2024-03-20T00:00:00.000Z
Updated: 2024-08-28T20:21:22.847Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-46354 vulnerable 2026-06-08 06:12:45.073298 Details available
In the module "Orders (CSV, Excel) Export PRO" (ordersexport) < 5.2.0 from MyPrestaModules for PrestaShop, a guest can download personal information without restriction. Due to a lack of permissions control, a guest can access exports from the module which can lead to a leak of personal information from ps_customer/ps_address tables such as name / surname / email / phone number / full postal address.
Published: 2023-12-06T00:00:00.000Z
Updated: 2024-08-02T20:45:41.267Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-40923 vulnerable 2026-06-08 06:11:04.746843 Details available
MyPrestaModules ordersexport before v5.0 was discovered to contain multiple SQL injection vulnerabilities at send.php via the key and save_setting parameters.
Published: 2023-11-15T00:00:00.000Z
Updated: 2024-08-29T17:58:23.859Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.