Exposure of Shopware

Ecommerce

23

exposure score

7,109

sites use

0

exploited

1

critical

CVEs

30 results

CVE-2026-23498HIGHShopware Improper Control of Generation of Code in Twig rendered viewsEPSS 0.4%CVE-2024-42354MEDIUMShopware vulnerable to Improper Access Control with ManyToMany associations in store-apiEPSS 0.4%CVE-2024-22407MEDIUMBroken Access Control order API in ShopwareEPSS 0.4%CVE-2024-22408HIGHServer-Side Request Forgery (SSRF) in Shopware Flow BuilderEPSS 0.4%CVE-2025-7954MEDIUMRace Condition in Shopware Voucher SubmissionEPSS 0.4%CVE-2025-30151HIGHShopware allows Denial Of Service via password lengthEPSS 0.3%CVE-2025-30150MEDIUMShopware 6 allows attackers to check for registered accounts through the store-apiEPSS 0.3%CVE-2025-32378MEDIUMShopware's default newsletter opt-in settings allow for mass sign-up abuseEPSS 0.2%CVE-2026-48011LOWShopware: Timing-attack on admin panel allowing enumeration of administrator usernamesEPSS 0.2%CVE-2025-67648HIGHShopware's inproper input validation can lead to Reflected XSS through Storefront Login PageEPSS 0.2%

← previouspage 2 / 2next →

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →