CVEs-PoC/2024/CVE-2024-25846.md

CVE-2024-25846

Description

In the module "Product Catalog (CSV, Excel) Import" (simpleimportproduct) <= 6.7.0 from MyPrestaModules for PrestaShop, a guest can upload files with extensions .php.

POC

Reference

• https://security.friendsofpresta.org/modules/2024/02/27/simpleimportproduct.html

Github

No PoCs found on GitHub currently.