GHSA-CH7P-MPV4-4VG4 CoreShop Vulnerable to SQL Injection via Admin Reports

Affected Versions - CoreShop 4.1.2 Demo tested Demo | CoreShop - Earlier versions may also be affected if the same code path exists Summary A blind SQL injection vulnerability exists in the application that allows an authenticated administrator-level user to extract database contents using...

U.S. Dept Of Defense: SQL Injection

The application was found to have a blind SQL injection vulnerability in the 'filterevent' parameter. The vulnerability allowed an attacker to manipulate database queries and extract sensitive information from the database through time-based or boolean-based techniques, as the injection was blind...