CVE-2018-20713
CVE-2018-20713 concerns Shopware prior to version 5.4.3, which is vulnerable to a SQL injection by remote authenticated users (SW-21404). The root cause, as detailed by multiple sources, is insufficient input validation in critical parameters (e.g., newName , defaultValue , table , name ), allowi...