Vulnerabilities > Shopware > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-08-08 | CVE-2024-42355 | Code Injection vulnerability in Shopware Shopware, an open ecommerce platform, has a new Twig Tag `sw_silent_feature_call` which silences deprecation messages while triggered in this tag. | 9.8 |
2024-08-08 | CVE-2024-42357 | SQL Injection vulnerability in Shopware Shopware is an open commerce platform. | 9.8 |
2024-01-16 | CVE-2024-22406 | Unspecified vulnerability in Shopware Shopware is an open headless commerce platform. | 9.8 |
2023-01-17 | CVE-2023-22732 | Unspecified vulnerability in Shopware Shopware is an open source commerce platform based on Symfony Framework and Vue js. | 9.8 |
2021-08-16 | CVE-2021-37708 | OS Command Injection vulnerability in Shopware Shopware is an open source eCommerce platform. | 9.8 |
2017-04-21 | CVE-2016-3109 | Improper Input Validation vulnerability in Shopware The backend/Login/load/ script in Shopware before 5.1.5 allows remote attackers to execute arbitrary code. | 9.8 |