CNNVD-202601-1479 Information

CNNVD ID

CNNVD-202601-1479

Related CVE

CVE-2026-22242

• CNNVD Published: 2026-01-08

Description (Chinese)

CoreShop是CoreShop开源的一个电子商务系统。 CoreShop 4.1.8之前版本存在安全漏洞，该漏洞源于存在盲SQL注入，可能导致数据泄露。

Description (English)

CoreShop is an e-commerce system open to CoreShop. There was a security loophole in the pre-CoreShop 4.1.8 version, which stemmed from the presence of blind SQL injections, which could lead to data leaks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

CoreShop

Published

2026-01-08

Last Modified

2026-02-24

References

https://github.com/coreshop/CoreShop/security/advisories/GHSA-ch7p-mpv4-4vg4 https://github.com/coreshop/CoreShop/commit/59e84fec59d113952b6d28a9b30c6317f9e6e5dd https://access.redhat.com/security/cve/cve-2026-22242

Patch

https://www.coreshop.com/en