Exploit Cybersecurity study of the dark web exposes vulnerability to machine identities -- ScienceDaily

Published on June 24th, 2019 📆 | 2685 Views ⚑


Shopware up to 5.5.7 Backend Query String cross site scripting

CVSS Meta Temp Score Current Exploit Price (≈)
3.4 $0-$5k

A vulnerability was found in Shopware up to 5.5.7 and classified as problematic. Affected by this issue is an unknown part of the component Backend. The manipulation as part of a Query String leads to a cross site scripting vulnerability. Using CWE to declare the problem leads to CWE-80. Impacted is integrity. An attacker might be able to inject arbitrary html and script code into the web site. This would alter the appearance and would make it possible to initiate further attacks against site visitors.

The weakness was disclosed 06/23/2019. This vulnerability is handled as CVE-2019-12935 since 06/23/2019. The attack may be launched remotely. There are neither technical details nor an exploit publicly available.

Upgrading to version 5.5.8 eliminates this vulnerability.


VulDB Meta Base Score: 3.5
VulDB Meta Temp Score: 3.4

VulDB Base Score: 3.5
VulDB Temp Score: 3.4
VulDB Vector: 🔒
VulDB Reliability: 🔍

VulDB Base Score: 🔒
VulDB Temp Score: 🔒
VulDB Reliability: 🔍
Class: Cross site scripting (CWE-80)
Local: No
Remote: Yes

Availability: 🔒
Status: Not defined

Price Prediction: 🔍
Current Price Estimation: 🔒

Threat Intelligenceinfoedit

Threat: 🔍
Adversaries: 🔍
Geopolitics: 🔍
Economy: 🔍
Predictions: 🔍
Remediation: 🔍Recommended: Upgrade
Status: 🔍

0-Day Time: 🔒

Upgrade: Shopware 5.5.8

06/23/2019 Advisory disclosed
06/23/2019 +0 days CVE assigned
06/24/2019 +1 days VulDB entry created
06/24/2019 +0 days VulDB last update
CVE: CVE-2019-12935 (🔒)Created: 06/24/2019 07:15 AM
Complete: 🔍


No comments yet. Please log in to comment.

Download it now for free!


Download Premium WordPress Themes Free
Download WordPress Themes
Download Best WordPress Themes Free Download
Download WordPress Themes Free
online free course

Tagged with:

Leave a Reply ✍