Shopware < 6.5.8.13 - SQL Injection

The Shopware application API contains a search functionality which enables users to search through information stored within their Shopware instance. The searches performed by this function can be aggregated using the parameters in the "aggregations" object. The name field in this "aggregations" ...

EUVD-2022-2269

Malicious code in bioql PyPI...

CVE-2025-27892

Shopware prior to version 6.5.8.13 is affected by a SQL injection vulnerability in the /api/search/order endpoint. NOTE: this issue exists because of a CVE-2024-22406 and CVE-2024-42357 regression...

CVE-2025-27892

Shopware prior to version 6.5.8.13 is affected by a SQL injection vulnerability in the /api/search/order endpoint. NOTE: this issue exists because of a CVE-2024-22406 and CVE-2024-42357 regression...

CVE-2025-27892

Shopware prior to version 6.5.8.13 is affected by a SQL injection vulnerability in the /api/search/order endpoint. NOTE: this issue exists because of a CVE-2024-22406 and CVE-2024-42357 regression...

Shopware 3.5 – SQL injection vulnerability-vulnerability warning-the black bar safety net

Shopware 3.5 – SQL injectionvulnerability Directly attached to the code function httpreq$host, $q if!$ fs = fsockopen$host, 8 0 exit“Could not open HTTP - Connection to “.$ host.”\ r\n\r\n”; $head = “GET /recommendation/bought/Article/”. urlencode“0 AND SELECT 1 FROM SELECT COUNT, CONCATSELECT “....