Vulnerabilidades en shopware
57 resultadosCVE-2021-37710HIGHCross-Site Scripting via SVG media filesEPSS 0.7%CVE-2021-32713MEDIUMAuthenticated Stored XSSEPSS 0.7%CVE-2023-22732LOWInsufficient Session Expiration in Administration in shopwareEPSS 0.7%CVE-2022-24748MEDIUMIncorrect Authentication in shopwareEPSS 0.7%CVE-2023-22733LOWImproper Output Neutralization in Log Module in shopwareEPSS 0.7%CVE-2023-22730MEDIUMImproper Input Validation of Clearance sale in cartEPSS 0.7%CVE-2024-42356HIGHShopware vulnerable to Server Side Template Injection in Twig using Context functionsEPSS 0.6%CVE-2024-22406CRITICALBlind SQL-injection in DAL aggregations in ShopwareEPSS 0.6%CVE-2022-31057MEDIUMAuthenticated Stored XSS in Shopware AdministrationEPSS 0.6%CVE-2021-32709MEDIUMCreation of order credits was not validated by acl in admin ordersEPSS 0.6%CVE-2022-36102MEDIUMAcess control list bypassed via crafted specific URLsEPSS 0.6%CVE-2024-27917HIGHShopware's session is persistent in Cache for 404 pagesEPSS 0.6%CVE-2023-22734MEDIUMImproper Input Newsletter subscription option validation in shopwareEPSS 0.6%CVE-2024-42357HIGHShopware vulnerable to blind SQL-injection in DAL aggregationsEPSS 0.6%CVE-2022-24879HIGHMalfunction of Cross-Site Request Forgery token validationEPSS 0.6%CVE-2023-34099MEDIUMImproper mail validation in ShopwareEPSS 0.5%CVE-2022-36101MEDIUMSensitive data in backend customer moduleEPSS 0.5%CVE-2022-31148MEDIUMPersistent cross site scripting in customer module in ShopwareEPSS 0.5%CVE-2022-24745MEDIUMGuest session is shared between customers in shopwareEPSS 0.5%CVE-2024-31447MEDIUMShopware has Improper Session Handling in store-apiEPSS 0.5%