| CVE-2016-3109 |
critical |
9.8 |
9.8 |
|
|
|
9y ago |
Shopware RCE Vulnerability |
| CVE-2017-15374 |
medium |
6.1 |
7.1 |
|
|
|
9y ago |
Shopware XSS Vulnerability |
| CVE-2019-12799 |
unknown |
— |
1.0 |
|
|
|
4y ago |
Shopware Insecure Deserialization Vulnerability |
| CVE-2017-18357 |
unknown |
— |
1.0 |
|
|
|
4y ago |
Shopware XXE Vulnerability |
| CVE-2026-23498 |
unknown |
— |
— |
|
|
|
5mo ago |
Shopware Has Improper Control of Generation of Code in Twig rendered views |
| CVE-2025-67648 |
unknown |
— |
— |
|
|
|
6mo ago |
Shopware Storefront Reflected XSS in Storefront Login Page |
| CVE-2023-34099 |
unknown |
— |
— |
|
|
|
3y ago |
Shopware improper mail validation vulnerability |
| CVE-2023-34098 |
unknown |
— |
— |
|
|
|
3y ago |
Shopware dependency configuration exposed |
| CVE-2022-48150 |
unknown |
— |
— |
|
|
|
3y ago |
Shopware vulnerable to cross-site scripting (XSS) |
| CVE-2022-36101 |
unknown |
— |
— |
|
|
|
4y ago |
Shopware contains sensitive data in backend customer module |
| CVE-2022-36102 |
unknown |
— |
— |
|
|
|
4y ago |
Shopware access control list bypassed via crafted specific URLs |
| CVE-2022-31148 |
unknown |
— |
— |
|
|
|
4y ago |
Shopware vulnerable to persistent cross site scripting (XSS) in customer module |
| CVE-2022-31057 |
unknown |
— |
— |
|
|
|
4y ago |
Authenticated Stored Cross-site Scripting in Shopware |
| CVE-2019-12935 |
unknown |
— |
— |
|
|
|
4y ago |
Shopware Cross-site Scripting Vulnerability |
| CVE-2018-20713 |
unknown |
— |
— |
|
|
|
4y ago |
Shopware SQL Injection |
| CVE-2022-24892 |
unknown |
— |
— |
|
|
|
4y ago |
Multiple valid tokens for password reset in Shopware |
| CVE-2022-24879 |
unknown |
— |
— |
|
|
|
4y ago |
Malfunction of CSRF token validation in Shopware |
| CVE-2022-24873 |
unknown |
— |
— |
|
|
|
4y ago |
Reflected Cross-site Scripting in Shopware storefront |
| CVE-2022-21651 |
unknown |
— |
— |
|
|
|
5y ago |
Open redirect in shopware |
| CVE-2022-21652 |
unknown |
— |
— |
|
|
|
5y ago |
Insufficient Session Expiration in shopware |
| CVE-2021-41188 |
unknown |
— |
— |
|
|
|
5y ago |
Authenticated Stored XSS in shopware/shopware |
| CVE-2021-32713 |
unknown |
— |
— |
|
|
|
5y ago |
Cross-site scripting |
| CVE-2021-32712 |
unknown |
— |
— |
|
|
|
5y ago |
Exposure of Sensitive Information to an Unauthorized Actor |
