Shopware SQL Injection

2022-05-1401:39:47

Google

osv.dev

0.001 Low

EPSS

Percentile

41.4%

JSON

Shopware before 5.4.3 allows SQL Injection by remote authenticated users, aka SW-21404.

CPENameOperatorVersion
shopware/shopwareeq5.2.24
shopware/shopwareeq5.3.0
shopware/shopwareeq5.4.0
shopware/shopwareeq5.2.25
shopware/shopwareeq5.2.22
shopware/shopwareeq4.3.7
shopware/shopwareeq5.0.0-RC2
shopware/shopwareeq5.3.5
shopware/shopwareeq5.0.0-BETA1
shopware/shopwareeq5.3.6

Name	Operator	Version
shopware/shopware	eq	5.2.24
shopware/shopware	eq	5.3.0
shopware/shopware	eq	5.4.0
shopware/shopware	eq	5.2.25
shopware/shopware	eq	5.2.22
shopware/shopware	eq	4.3.7
shopware/shopware	eq	5.0.0-RC2
shopware/shopware	eq	5.3.5
shopware/shopware	eq	5.0.0-BETA1
shopware/shopware	eq	5.3.6