Vulnerabilities > Shopware

DATE CVE VULNERABILITY TITLE RISK
2022-03-09 CVE-2022-24747 Exposure of Resource to Wrong Sphere vulnerability in Shopware
Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework.
network
low complexity
shopware CWE-668
5.3
5.3
2022-03-09 CVE-2022-24748 Incorrect Authorization vulnerability in Shopware
Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework.
network
low complexity
shopware CWE-863
7.5
7.5
2022-01-05 CVE-2022-21651 Open Redirect vulnerability in Shopware
Shopware is an open source e-commerce software platform.
network
low complexity
shopware CWE-601
6.1
6.1
2022-01-05 CVE-2022-21652 Insufficient Session Expiration vulnerability in Shopware
Shopware is an open source e-commerce software platform.
network
low complexity
shopware CWE-613
8.1
8.1
2021-10-26 CVE-2021-41188 Cross-site Scripting vulnerability in Shopware
Shopware is open source e-commerce software.
network
low complexity
shopware CWE-79
5.4
5.4
2021-08-16 CVE-2021-37710 Unspecified vulnerability in Shopware
Shopware is an open source eCommerce platform.
network
low complexity
shopware
5.4
5.4
2021-08-16 CVE-2021-37711 Server-Side Request Forgery (SSRF) vulnerability in Shopware
Versions prior to 6.4.3.1 contain an authenticated server-side request forgery vulnerability in file upload via URL.
network
low complexity
shopware CWE-918
8.8
8.8
2021-08-16 CVE-2021-37709 Authorization Bypass Through User-Controlled Key vulnerability in Shopware
Shopware is an open source eCommerce platform.
network
low complexity
shopware CWE-639
6.5
6.5
2021-08-16 CVE-2021-37708 OS Command Injection vulnerability in Shopware
Shopware is an open source eCommerce platform.
network
low complexity
shopware CWE-78
critical
 9.8
9.8
2021-08-16 CVE-2021-37707 Unspecified vulnerability in Shopware
Shopware is an open source eCommerce platform.
network
low complexity
shopware
7.5
7.5