Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
shopware vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-31148
Shopware is an open source e-commerce software. In versions from 5.7.0 a persistent cross site scripting (XSS) vulnerability exists in the customer module. Users are recommend to update to the current version 5.7.14. You can get the update to 5.7.14 regularly via the Auto-Updater...
Shopware Shopware
5.8
CVSSv2
CVE-2022-21651
Shopware is an open source e-commerce software platform. An open redirect vulnerability has been discovered. Users may be arbitrary redirected due to incomplete URL handling in the shopware router. This issue has been resolved in version 5.7.7. There is no workaround and users ar...
Shopware Shopware
5.5
CVSSv2
CVE-2022-21652
Shopware is an open source e-commerce software platform. In affected versions shopware would not invalidate a user session in the event of a password change. With version 5.7.7 the session validation was adjusted, so that sessions created prior to the latest password change of a ...
Shopware Shopware
3.5
CVSSv2
CVE-2020-13971
In Shopware prior to 6.2.3, authenticated users are allowed to use the Mediabrowser fileupload feature to upload SVG images containing JavaScript. This leads to Persistent XSS. An uploaded image can be accessed without authentication.
Shopware Shopware
4
CVSSv2
CVE-2021-32709
Shopware is an open source eCommerce platform. Creation of order credits was not validated by ACL in admin orders. Users are recommend to update to the current version 6.4.1.1. You can get the update to 6.4.1.1 regularly via the Auto-Updater or directly via the download overview....
Shopware Shopware
5
CVSSv2
CVE-2021-32710
Shopware is an open source eCommerce platform. Potential session hijacking of store customers in versions below 6.3.5.2. We recommend to update to the current version 6.3.5.2. You can get the update to 6.3.5.2 regularly via the Auto-Updater or directly via the download overview. ...
Shopware Shopware
5
CVSSv2
CVE-2021-32712
Shopware is an open source eCommerce platform. Versions before 5.6.10 are vulnerable to system information leakage in error handling. Users are recommend to update to version 5.6.10. You can get the update to 5.6.10 regularly via the Auto-Updater or directly via the download over...
Shopware Shopware
3.5
CVSSv2
CVE-2021-32713
Shopware is an open source eCommerce platform. Versions before 5.6.10 suffer from an authenticated stored XSS in administration vulnerability. Users are recommend to update to the version 5.6.10. You can get the update to 5.6.10 regularly via the Auto-Updater or directly via the ...
Shopware Shopware
4.3
CVSSv2
CVE-2019-12935
Shopware prior to 5.5.8 has XSS via the Query String to the backend/Login or backend/Login/load/ URI.
Shopware Shopware
NA
CVE-2022-48150
Shopware v5.5.10 exists to contain a cross-site scripting (XSS) vulnerability via the recovery/install/ URI.
Shopware Shopware 5.5.10
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »