SQL Injection

Overview shopware/platform is a Shopware e-commerce core. Affected versions of this package are vulnerable to SQL Injection through the aggregations object. An attacker can manipulate the SQL queries and potentially access or alter data by injecting malicious SQL code into the name field...

Shopware 安全漏洞

Shopware is a suite of open source e-commerce software from the German company Shopware. A security vulnerability exists in Shopware versions 6.6.5.1 and 6.5.8.13 and earlier, which stems from the search function in its application API, where the name field in the aggregations object is susceptib...

PT-2024-19396 · Shopware · Shopware

Name of the Vulnerable Software and Affected Versions: Shopware versions prior to 6.5.7.4 Shopware versions 6.1, 6.2, 6.3, and 6.4 Description: The Shopware application API contains a search functionality that enables users to search through information stored within their Shopware instance. The...

Shopware SQL Injection Vulnerability

Shopware is a suite of open source e-commerce software from the German company Shopware. A SQL injection vulnerability exists in Shopware 6.5.7.3 and earlier versions, which stems from a SQL injection vulnerability in the name field of the aggregations object...