3 matches found
CVE-2026-23959
CoreShop (Pimcore-based eCommerce) contains an error-based SQL Injection in the admin-facing endpoint /admin/coreshop/customer-company-modifier/duplication-name-check, affecting versions prior to 4.1.9. The root cause is unsafe interpolation of user input into a SQL condition (example pattern: sp...
PT-2022-16821 · Unknown · Codeigniter4
Name of the Vulnerable Software and Affected Versions: CodeIgniter4 versions prior to 4.1.9 Description: The issue allows attackers to execute CLI routes via HTTP request due to improper input validation. There are currently no known workarounds for this issue. Recommendations: Upgrade to version...
Invision Power Services Community Suite Security Bypass Vulnerability
Invision Power Services IPS Community Suite is an integrated application for building communities on the web. A security bypass vulnerability exists in versions of IPS Community Suite prior to 4.1.9. An attacker could exploit the vulnerability to hijack a session...