Lucene search
GoogleOSV:GHSA-6M27-7CQJ-2MXWHistoryMay 14, 2022 - 1:00 a.m.
Shopware XXE Vulnerability
2022-05-1401:00:48
Google
osv.dev
7
Shopware before 5.3.4 has a PHP Object Instantiation issue via the sort parameter to the loadPreviewAction() method of the Shopware_Controllers_Backend_ProductStream controller, with resultant XXE via instantiation of a SimpleXMLElement object.
Related
prion
prion
Design/Logic Flaw
2019-01-15 16:29:00
Deserialization of untrusted data
2019-06-13 20:29:00
nvd
nvd
CVE-2017-18357
2019-01-15 16:29:00
CVE-2019-12799
2019-06-13 20:29:00
zdt
zdt
cve
cve
CVE-2017-18357
2019-01-15 16:29:00
CVE-2019-12799
2019-06-13 20:29:00
packetstorm
packetstorm
Shopware createInstanceFromNamedArguments PHP Object Instantiation
2019-05-22 00:00:00
cvelist
cvelist
CVE-2017-18357
2019-01-15 16:00:00
CVE-2019-12799
2019-06-13 19:18:41
veracode
veracode
Unsafe Deserialization
2019-01-16 05:56:27
Unsafe Deserialization
2019-06-14 03:53:18
github
github
Shopware XXE Vulnerability
2022-05-14 01:00:48
Shopware Insecure Deserialization Vulnerability
2022-05-24 16:48:00
osv
osv
Shopware Insecure Deserialization Vulnerability
2022-05-24 16:48:00