An SQL injection vulnerability exists in the DBSHOP_0.9.3_Beta getQuery() function.
DBShop is an open source e-commerce online store system developed using endFramework. DBSHOP0.9.3Beta suffers from SQL injection vulnerability. Due to the /DBSHOP/module/Shopfront/src/Shopfront/Controller/GoodslistController.php at indexAction first through getQuery to get all the parameters,...