CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

24 matches found

Snyk•added 2025/04/08 4:33 p.m.•2 views

SQL Injection

Overview shopware/platform is a Shopware e-commerce core. Affected versions of this package are vulnerable to SQL Injection through the aggregations object. An attacker can manipulate the SQL queries and potentially access or alter data by injecting malicious SQL code into the name field...

7.3CVSS8.1AI score0.01246EPSS

Exploits1References2

Snyk•added 2025/04/08 4:33 p.m.•0 views

SQL Injection

Overview shopware/core is a Shopware platform is the core for all Shopware ecommerce products. Affected versions of this package are vulnerable to SQL Injection through the aggregations object. An attacker can manipulate the SQL queries and potentially access or alter data by injecting malicious...

7.3CVSS8.1AI score0.01246EPSS

Exploits1References2

Github Security Blog•added 2025/04/08 4:33 p.m.•27 views

Shopware Vulnerable to Blind SQL-injection in DAL aggregations

Impact The Shopware application API contains a search functionality which enables users to search through information stored within their Shopware instance. The searches performed by this function can be aggregated using the parameters in the “aggregations” object. The ‘name’ field in this...

6.8CVSS6.9AI score0.01246EPSS

Exploits1References7Affected Software2

OSV•added 2025/04/08 4:33 p.m.•7 views

GHSA-8G35-7RMW-7F59 Shopware Vulnerable to Blind SQL-injection in DAL aggregations

7.3CVSS6.9AI score0.01246EPSS

Exploits1References7

OSV•added 2024/08/08 2:55 p.m.•10 views

CVE-2024-42357 Shopware vulnerable to blind SQL-injection in DAL aggregations

Shopware is an open commerce platform. Prior to versions 6.6.5.1 and 6.5.8.13, the Shopware application API contains a search functionality which enables users to search through information stored within their Shopware instance. The searches performed by this function can be aggregated using the...

7.3CVSS6.8AI score0.00817EPSS

Exploits0References7

OSV•added 2024/08/08 2:53 p.m.•13 views

GHSA-P6W9-R443-R752 Shopware vulnerable to blind SQL-injection in DAL aggregations

7.3CVSS8.4AI score0.00817EPSS

Exploits0References7

Github Security Blog•added 2024/08/08 2:53 p.m.•15 views

Shopware vulnerable to blind SQL-injection in DAL aggregations

9.8CVSS7AI score0.00817EPSS

Exploits0References7Affected Software2

CNNVD•added 2024/08/08 12:0 a.m.•1 views

Shopware 安全漏洞

Shopware is a suite of open source e-commerce software from the German company Shopware. A security vulnerability exists in Shopware versions 6.6.5.1 and 6.5.8.13 and earlier, which stems from the search function in its application API, where the name field in the aggregations object is susceptib...

9.8CVSS7.3AI score0.00817EPSS

Exploits0References6

Positive Technologies•added 2024/08/08 12:0 a.m.•1 views

PT-2024-29893 · Shopware · Shopware

Name of the Vulnerable Software and Affected Versions: Shopware versions prior to 6.6.5.1 Shopware versions prior to 6.5.8.13 Description: The Shopware application API contains a search functionality that enables users to search through information stored within their Shopware instance. The...

9.8CVSS6.2AI score0.00817EPSS

Exploits0References15

OSV•added 2024/01/17 8:28 p.m.•23 views

GHSA-QMP9-2XWJ-M6M9 Blind SQL injection in shopware

9.3CVSS7.7AI score0.00415EPSS

Exploits0References6

NVD•added 2024/01/16 11:15 p.m.•8 views

CVE-2024-22406

Shopware is an open headless commerce platform. The Shopware application API contains a search functionality which enables users to search through information stored within their Shopware instance. The searches performed by this function can be aggregated using the parameters in the “aggregations...

9.8CVSS9.1AI score0.00415EPSS

Exploits0References1

Cvelist•added 2024/01/16 10:30 p.m.•14 views

CVE-2024-22406 Blind SQL-injection in DAL aggregations in Shopware

9.3CVSS9.4AI score0.00415EPSS

Exploits0References1

Positive Technologies•added 2024/01/16 12:0 a.m.•2 views

PT-2024-19396 · Shopware · Shopware

Name of the Vulnerable Software and Affected Versions: Shopware versions prior to 6.5.7.4 Shopware versions 6.1, 6.2, 6.3, and 6.4 Description: The Shopware application API contains a search functionality that enables users to search through information stored within their Shopware instance. The...

9.8CVSS6.3AI score0.00415EPSS

Exploits0References20

CNNVD•added 2024/01/16 12:0 a.m.•2 views

Shopware SQL Injection Vulnerability

Shopware is a suite of open source e-commerce software from the German company Shopware. A SQL injection vulnerability exists in Shopware 6.5.7.3 and earlier versions, which stems from a SQL injection vulnerability in the name field of the aggregations object...

9.8CVSS7.9AI score0.00415EPSS

Exploits0References2

Cvelist•added 2023/02/03 7:14 p.m.•18 views

CVE-2023-23933 Issue in Anomaly Detection with document and field level rules in numerical feature aggregations

OpenSearch Anomaly Detection identifies atypical data and receives automatic notifications. There is an issue with the application of document and field level restrictions in the Anomaly Detection plugin, where users with the Anomaly Detector role can read aggregated numerical data e.g. averages,...

5.7CVSS4.7AI score0.00774EPSS

Exploits0References1

Vulnrichment•added 2023/02/03 7:14 p.m.•14 views

CVE-2023-23933 Issue in Anomaly Detection with document and field level rules in numerical feature aggregations

5.7CVSS4.9AI score0.00774EPSS

Exploits0References1

Akamai Blog•added 2021/01/25 1:5 p.m.•53 views

Sustainability at Akamai: An Efficient Platform Powered by Energy Aggregation

If I had a dollar for every time I heard "2020 was an unprecedented year", I could fund a clean energy project myself. And while we're tired of hearing it, it's true. Among the pandemic, U.S. presidential election, social justice movements, the finalization of Brexit, and many other new and...

7.2AI score

Exploits0