CVE-2022-45447

CVE-2022-45447

M4 PDF plugin for Prestashop sites, in its 3.2.3 version and before, is vulnerable to a directory traversal vulnerability. The “f� parameter is not properly checked in the resource /m4pdf/pdf.php, returning any file given its relative path. An attacker that exploits this vulnerability could download /etc/passwd from the server if the file exists.

Source: CVE-2022-45447

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다