CNNVD-202601-2629 Information

CNNVD ID

CNNVD-202601-2629

Related CVE

CVE-2021-47763

• CNNVD Published: 2026-01-15

Description (Chinese)

Aimeos是Aimeos开源的一个面向在线商店的开源电子商务框架。 Aimeos 2021.10 LTS版本存在SQL注入漏洞，该漏洞源于json api sort参数存在SQL注入，可能导致攻击者注入恶意数据库查询。

Description (English)

Aimeos is an open-source e-commerce framework for online stores that is open to Aimeos. The Aimeos 2021.10 LTS version has an SQL injection loophole, which stems from the presence of the json api soort parameter in SQL, which may result in the attackers being injected into a malicious database search.

Hazard Level

Medium

Vulnerability Type

SQL注入

Affected Vendor

Aimeos

Published

2026-01-15

Last Modified

2026-02-24

References

https://aimeos.org https://aimeos.org/laravel-ecommerce-package https://www.exploit-db.com/exploits/50538