Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.3
Emerce Core SQL Injection Risk: Data Exposure
CVE-2025-69366
Summary
A security issue in Emerce Core allows attackers to access sensitive data without permission, potentially leading to unauthorized access to customer information. This affects versions 1.0 to 1.8 of Emerce Core. Update to the latest version to protect against this risk.
Original title
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TeconceTheme Emerce Core emerce-core allows Blind SQL Injection.This issue affects Emerce Core:...
Original description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TeconceTheme Emerce Core emerce-core allows Blind SQL Injection.This issue affects Emerce Core: from n/a through <= 1.8.
nvd CVSS3.1
9.3
Vulnerability type
CWE-89
SQL Injection
Published: 20 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026