PT-2026-36620 · Innocommerce · Innoshop
Anch0R
·
Published
2026-05-02
·
Updated
2026-05-02
·
CVE-2026-7630
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
innocommerce InnoShop versions prior to 0.7.9
Description
Improper authentication exists in the Installation Endpoint. The issue is located in the
boot() function of the InstallServiceProvider class within the innopacks/install/src/InstallServiceProvider.php file. This flaw allows for remote exploitation.Recommendations
Apply the patch identified as 45758e4ec22451ab944ae2ae826b1e70f6450dc9 to resolve the issue.
Exploit
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Innoshop