CVE-2026-25993

Critical CVSS: 9.3

EverShop is a TypeScript-first eCommerce platform. During category update and deletion event handling, the application embeds
path / request_path values—derived from the url_key stored in the database—into SQL statements via string concatenation and passes them to execute(). As a result, if a malicious string is stored in url_key , subsequent event processing modifies and executes the SQL statement, leading to a second-order SQL injection. Patched from v2.1.1.

Vendor

Evershop

Product

Evershop

CWE

CWE-89

Yayın Tarihi

2026-02-10 18:16:38

Güncelleme

2026-02-23 18:03:12

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-89 Evershop CRITICAL Evershop 2026

Referanslar

http://github.com/evershopcommerce/evershop/commit/5c5bdf2c1ad5d16ae68e9e48b494563953b6d1cd https://github.com/evershopcommerce/evershop/security/advisories/GHSA-3h84-9rhc-j2ch

Benzer Kayıtlar

Critical

CVE-2026-28213

EverShop is a TypeScript-first eCommerce platform. Versions prior to 2.1.1 have a vulnerability in the "Forgot Password"…

High

CVE-2025-67419

A Denial of Service (DoS) vulnerability in evershop 2.1.0 and prior allows unauthenticated attackers to exhaust the appl…

Medium

CVE-2025-67427

A Blind Server-Side Request Forgery (SSRF) vulnerability in evershop 2.1.0 and prior allows unauthenticated attackers to…

High

CVE-2025-65844

EverShop 2.0.1 allows a remote unauthenticated attacker to upload arbitrary files and create directories via the /api/im…

Medium

CVE-2025-12919

A vulnerability was detected in EverShop up to 2.0.1. Affected is an unknown function of the file /src/modules/oms/graph…