Product Catalog \(csv\, Excel\) Import CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-39675	1 Myprestamodules	1 Product Catalog \(csv\, Excel\) Import	2026-02-18	9.8 Critical
SimpleImportProduct Prestashop Module v6.2.9 was discovered to contain a SQL injection vulnerability via the key parameter at send.php.
CVE-2023-39677	2 Myprestamodules, Updateproducts Project	2 Product Catalog \(csv\, Excel\) Import, Updateproducts	2026-02-18	7.5 High
MyPrestaModules Prestashop Module v6.2.9 and UpdateProducts Prestashop Module v3.6.9 were discovered to contain a PHPInfo information disclosure vulnerability via send.php.
CVE-2024-25846	1 Myprestamodules	1 Product Catalog \(csv\, Excel\) Import	2026-02-18	9.1 Critical
In the module "Product Catalog (CSV, Excel) Import" (simpleimportproduct) <= 6.7.0 from MyPrestaModules for PrestaShop, a guest can upload files with extensions .php.
CVE-2024-25847	1 Myprestamodules	2 Product Catalog \(csv\, Excel\) Import, Product Catalog Import For Prestashop	2025-05-05	9.8 Critical
SQL Injection vulnerability in MyPrestaModules "Product Catalog (CSV, Excel) Import" (simpleimportproduct) modules for PrestaShop versions 6.5.0 and before, allows attackers to escalate privileges and obtain sensitive information via Send::__construct() and importProducts::_addDataToDb methods.

Page 1 of 1.