إرسال #780789: Shopsuite modulithshop 829bac71f507e84684c782b9b062b8bf3b5585d6 SQL Injectionالمعلومات

عنوانShopsuite modulithshop 829bac71f507e84684c782b9b062b8bf3b5585d6 SQL Injection
الوصفThe ShopSuite system contains a SQL injection vulnerability in the listItemKey method of the ProductItemDao interface. Attackers can inject malicious SQL code through the sidx and sort parameters in ORDER BY clauses, allowing extraction of sensitive information from the database including product data, user information, system configuration, and potentially administrative credentials.
المصدر⚠️ https://github.com/shsuishang/modulithshop/issues/3
المستخدم
 Anonymous User
ارسال16/03/2026 12:51 PM (4 أشهر منذ)
الاعتدال01/04/2026 03:29 PM (16 days later)
الحالةتمت الموافقة
إدخال VulDB354659 [shsuishang modulithshop حتى 829bac71f507e84684c782b9b062b8bf3b5585d6 ProductItemDao Interface ProductIndexServiceImpl.java listItem sidx/sort حقن SQL]
النقاط19

Might our Artificial Intelligence support you?

Check our Alexa App!