CVE-2020-9368
The Module Olea Gift On Order module through 5.0.8 for PrestaShop enables an unauthenticated user to read arbitrary files on the server via getfile.php?file=/.. directory traversal.
Date published : 2020-11-02
https://github.com/Intrinsec/CERT/blob/master/Advisories/CVE-2020-9368.md