Gửi #780789: Shopsuite modulithshop 829bac71f507e84684c782b9b062b8bf3b5585d6 SQL Injectionthông tin

tiêu đềShopsuite modulithshop 829bac71f507e84684c782b9b062b8bf3b5585d6 SQL Injection
Mô tảThe ShopSuite system contains a SQL injection vulnerability in the listItemKey method of the ProductItemDao interface. Attackers can inject malicious SQL code through the sidx and sort parameters in ORDER BY clauses, allowing extraction of sensitive information from the database including product data, user information, system configuration, and potentially administrative credentials.
Nguồn⚠️ https://github.com/shsuishang/modulithshop/issues/3
Người dùng
 Anonymous User
Đệ trình16/03/2026 12:51 (cách đây 4 các tháng)
Kiểm duyệt01/04/2026 15:29 (16 days later)
Trạng tháiđược chấp nhận
Mục VulDB354659 [shsuishang modulithshop đến 829bac71f507e84684c782b9b062b8bf3b5585d6 ProductItemDao Interface ProductIndexServiceImpl.java listItem sidx/sort Tiêm SQL]
điểm19

Want to know what is going to be exploited?

We predict KEV entries!