2023-05-04 06:00:27 +02:00
{
"id" : "CVE-2023-27568" ,
"sourceIdentifier" : "cve@mitre.org" ,
"published" : "2023-05-04T02:15:19.103" ,
2023-05-09 22:00:35 +02:00
"lastModified" : "2023-05-09T18:15:13.370" ,
2023-05-09 08:00:27 +02:00
"vulnStatus" : "Undergoing Analysis" ,
2023-05-04 06:00:27 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "SQL injection vulnerability inSpryker Commerce OS 0.9 that allows for access to sensitive data via customer/order?orderSearchForm[searchText]="
}
] ,
"metrics" : { } ,
"references" : [
2023-05-09 22:00:35 +02:00
{
"url" : "http://packetstormsecurity.com/files/172257/Spryker-Commerce-OS-1.0-SQL-Injection.html" ,
"source" : "cve@mitre.org"
} ,
2023-05-09 08:00:27 +02:00
{
"url" : "http://seclists.org/fulldisclosure/2023/May/2" ,
"source" : "cve@mitre.org"
} ,
2023-05-04 06:00:27 +02:00
{
"url" : "https://www.schutzwerk.com/advisories/SCHUTZWERK-SA-2023-001.txt" ,
"source" : "cve@mitre.org"
} ,
{
"url" : "https://www.schutzwerk.com/blog/schutzwerk-sa-2023-001/" ,
"source" : "cve@mitre.org"
}
]
}
