shopware Platform Vulnerabilities
Shopware Platform vulnerabilities.
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
User Recovery Vulnerability in Shopware Open Commerce Platform
CVE-2026-48009ShopwareShopware6.8MEDIUMAuthorization Bypass in Shopware Open Commerce Platform
CVE-2026-48014ShopwareShopware6.5MEDIUMUser Data Control Flaw in Shopware Open Commerce Platform
CVE-2026-48010ShopwareShopware6.5MEDIUMPayment Processing Vulnerability in Shopware Open Commerce Platform
CVE-2026-48016ShopwareShopware4.3MEDIUMSVG File Upload Vulnerability in Shopware Open Commerce Platform
CVE-2026-48015ShopwareShopware4.9MEDIUMAPI Escalation Vulnerability in Shopware eCommerce Platform
CVE-2026-48008ShopwareShopware6.5MEDIUMAuthentication Flaw in Shopware Open Commerce Platform
CVE-2026-31889ShopwareCore8.9HIGHInconsistent Error Handling in Shopware Store API Login Endpoint
CVE-2026-31888ShopwareCore5.3MEDIUMInsufficient Filter Checks in Shopware's Open Commerce Platform
CVE-2026-31887ShopwareCore8.9HIGHImproper Input Validation of Clearance sale in cart
CVE-2023-22730ShopwarePlatform5.3MEDIUMImproper Control of Generation of Code in Twig rendered views in shopware
CVE-2023-22731ShopwarePlatform10CRITICALInsufficient Session Expiration in Administration in shopware
CVE-2023-22732ShopwarePlatform3.7LOWImproper Output Neutralization in Log Module in shopware
CVE-2023-22733ShopwarePlatform2.7LOWImproper Input Newsletter subscription option validation in shopware
CVE-2023-22734ShopwarePlatform4.3MEDIUMImproper Access Control in shopware
CVE-2022-24872ShopwarePlatform8.1HIGHServer-Side Request Forgery (SSRF) in Shopware
CVE-2022-24871ShopwarePlatform7.2HIGHInsufficient Session Expiration in shopware
CVE-2022-24744ShopwarePlatform2.6LOWGuest session is shared between customers in shopware
CVE-2022-24745ShopwarePlatform4.8MEDIUMHTML injection possibility in voucher code form
CVE-2022-24746ShopwarePlatform6.1MEDIUMHTTP caching is marking private HTTP headers as public
CVE-2022-24747ShopwarePlatform6.3MEDIUMIncorrect Authentication in shopware
CVE-2022-24748ShopwarePlatform6.8MEDIUMCross-Site Scripting via SVG media files
CVE-2021-37710ShopwarePlatform8HIGHAuthenticated server-side request forgery in file upload via URL.
CVE-2021-37711ShopwarePlatform8.8HIGHInsecure direct object reference of log files of the Import/Export feature
CVE-2021-37709ShopwarePlatform6.5MEDIUMCommand injection in mail agent settings
CVE-2021-37708ShopwarePlatform8.8HIGH