Exposure of Shopware

Ecommerce

23

exposure score

7,109

sites use

0

exploited

1

critical

CVEs

30 results

CVE-2021-32712MEDIUMInformation leakage in Error HandlerEPSS 1.1%CVE-2024-42355HIGHShopware vulnerable to Server Side Template Injection in Twig using deprecation silence tagEPSS 0.9%CVE-2022-24892MEDIUMMultiple valid tokens for password reset in ShopwareEPSS 0.8%CVE-2022-21652LOWInsufficient Session Expiration in shopwareEPSS 0.8%CVE-2022-21651MEDIUMOpen redirect in shopwareEPSS 0.8%CVE-2022-24873MEDIUMNon-Stored Cross-site Scripting in Shopware storefrontEPSS 0.7%CVE-2021-41188MEDIUMAuthenticated Stored XSS in AdministrationEPSS 0.7%CVE-2021-32713MEDIUMAuthenticated Stored XSSEPSS 0.7%CVE-2024-42356HIGHShopware vulnerable to Server Side Template Injection in Twig using Context functionsEPSS 0.6%CVE-2024-22406CRITICALBlind SQL-injection in DAL aggregations in ShopwareEPSS 0.6%CVE-2022-36102MEDIUMAcess control list bypassed via crafted specific URLsEPSS 0.6%CVE-2024-27917HIGHShopware's session is persistent in Cache for 404 pagesEPSS 0.6%CVE-2024-42357HIGHShopware vulnerable to blind SQL-injection in DAL aggregationsEPSS 0.6%CVE-2022-24879HIGHMalfunction of Cross-Site Request Forgery token validationEPSS 0.6%CVE-2022-31057MEDIUMAuthenticated Stored XSS in Shopware AdministrationEPSS 0.5%CVE-2023-34099MEDIUMImproper mail validation in ShopwareEPSS 0.5%CVE-2022-36101MEDIUMSensitive data in backend customer moduleEPSS 0.5%CVE-2022-31148MEDIUMPersistent cross site scripting in customer module in ShopwareEPSS 0.5%CVE-2024-31447MEDIUMShopware has Improper Session Handling in store-apiEPSS 0.5%CVE-2023-34098MEDIUMDependency configuration exposed in ShopwareEPSS 0.5%

← previouspage 1 / 2next →

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →