3 matches found
GHSA-FQCV-8859-86X2 CoreShop Vulnerable to SQL Injection via Admin customer-company-modifier
SQL Injection in CustomerTransformerController Summary An error-based SQL Injection vulnerability was identified in the CustomerTransformerController within the CoreShop admin panel. The affected endpoint improperly interpolates user-supplied input into a SQL query, leading to database error...
CoreShop Vulnerable to SQL Injection via Admin customer-company-modifier
SQL Injection in CustomerTransformerController Summary An error-based SQL Injection vulnerability was identified in the CustomerTransformerController within the CoreShop admin panel. The affected endpoint improperly interpolates user-supplied input into a SQL query, leading to database error...
PT-2026-3891
Name of the Vulnerable Software and Affected Versions CoreShop versions prior to 4.1.9 Description An error-based SQL Injection issue exists in the CustomerTransformerController within the CoreShop admin panel. The affected endpoint improperly incorporates user-supplied input into a SQL query,...