CVE-2026-7630 in InnoShopinformation

Résumé

par MITRE • 02/05/2026

A vulnerability has been found in innocommerce InnoShop up to 0.7.8. The affected element is the function InstallServiceProvider::boot of the file innopacks/install/src/InstallServiceProvider.php of the component Installation Endpoint. The manipulation leads to improper authentication. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. The identifier of the patch is 45758e4ec22451ab944ae2ae826b1e70f6450dc9. It is recommended to apply a patch to fix this issue.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsable

VulDB

Divulgation

02/05/2026

Modérer

accepté

Entrée

VDB-360576

CPE

prêt

CWE

CWE-287 (confirmé)

Exploitation

Télécharger

CVSS

7.3 (VulDB)

EPSS

0.00125

KEV

non

Activités

très faible

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-7630
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-7630
CVE Details	https://www.cvedetails.com/cve/CVE-2026-7630/

◂ Précédent Aperçu Suivant ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!