Tag
critical
advisory
Craft Commerce SQL Injection Leading to Remote Code Execution
2 rules 2 TTPs 1 CVEA SQL injection vulnerability in the Craft Commerce TotalRevenue widget can lead to remote code execution through a chain of vulnerabilities including unsanitized widget settings in SQL expressions, enabled PDO Multi-Statement Queries, unrestricted unserialize(), and a FileCookieJar gadget chain, allowing attackers to write a PHP webshell to the server's webroot and achieve arbitrary command execution as the PHP process user.
Craft Commerce
craft-commerce
sql-injection
rce
webshell
2r
2t
1c
high
advisory
Craft Commerce Blind SQL Injection via hasVariant/hasProduct Properties
3 rules 1 TTP 1 CVEA blind SQL injection vulnerability exists in Craft Commerce's `ProductQuery::hasVariant` and `VariantQuery::hasProduct` properties, allowing authenticated control panel users to extract arbitrary database contents and potentially escalate privileges.
Craft Commerce
sqli
craft-commerce
web-application
3r
1t
1c