CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Shopware is an open source e-commerce software. In affected versions if backend admin controllers are called with a certain notation, the ACL could be bypassed. Users could execute actions, which they are normally not able to do. Users are advised to update to the current version 5.7.15. Users ca...

7.2CVSS6.9AI score0.00586EPSS

Exploits0

Prion•added 2022/08/01 5:15 p.m.•10 views

Cross site scripting

Shopware is an open source e-commerce software. In versions from 5.7.0 a persistent cross site scripting XSS vulnerability exists in the customer module. Users are recommend to update to the current version 5.7.14. You can get the update to 5.7.14 regularly via the Auto-Updater or directly via th...

4.9CVSS5.2AI score0.00517EPSS

Exploits0References3Affected Software1

NVD•added 2022/06/27 8:15 p.m.•8 views

CVE-2022-31057

Shopware is an open source e-commerce software made in Germany. Versions of Shopware 5 prior to version 5.7.12 are subject to an authenticated Stored XSS in Administration. Users are advised to upgrade. There are no known workarounds for this issue...

6.5CVSS0.00542EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by