VYPR

Shopware

by Shopware

Source repositories

CVEs (46)

  • CVE-2022-24956Mar 29, 2022
    risk 0.00cvss epss 0.01

    An issue was discovered in Shopware B2B-Suite through 4.4.1. The sort-by parameter of the search functionality of b2border and b2borderlist allows SQL injection. Possible techniques are boolean-based blind, time-based blind, and potentially stacked queries. The vulnerability…

  • CVE-2022-21652Jan 5, 2022
    risk 0.00cvss epss 0.01

    Shopware is an open source e-commerce software platform. In affected versions shopware would not invalidate a user session in the event of a password change. With version 5.7.7 the session validation was adjusted, so that sessions created prior to the latest password change of a…

  • CVE-2022-21651Jan 5, 2022
    risk 0.00cvss epss 0.01

    Shopware is an open source e-commerce software platform. An open redirect vulnerability has been discovered. Users may be arbitrary redirected due to incomplete URL handling in the shopware router. This issue has been resolved in version 5.7.7. There is no workaround and users…

  • CVE-2021-41188Oct 26, 2021
    risk 0.00cvss epss 0.01

    Shopware is open source e-commerce software. Versions prior to 5.7.6 contain a cross-site scripting vulnerability. This issue is patched in version 5.7.6. Two workarounds are available. Using the security plugin or adding a particular following config to the `.htaccess` file…

  • CVE-2021-32712Jun 24, 2021
    risk 0.00cvss epss 0.01

    Shopware is an open source eCommerce platform. Versions prior to 5.6.10 are vulnerable to system information leakage in error handling. Users are recommend to update to version 5.6.10. You can get the update to 5.6.10 regularly via the Auto-Updater or directly via the download…

  • CVE-2021-32713Jun 24, 2021
    risk 0.00cvss epss 0.01

    Shopware is an open source eCommerce platform. Versions prior to 5.6.10 suffer from an authenticated stored XSS in administration vulnerability. Users are recommend to update to the version 5.6.10. You can get the update to 5.6.10 regularly via the Auto-Updater or directly via…

Page 3 of 3