Lucene search
K

731 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 8:13 a.m.13 views

CVE-2019-13608

Citrix StoreFront Server before 1903, 7.15 LTSR before CU4 3.12.4000, and 7.6 LTSR before CU8 3.0.8000 allows XXE attacks...

7.5CVSS6.8AI score0.3026EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 6:40 p.m.6 views

CVE-2008-1341

SQL injection vulnerability in SearchResults.aspx in LaGarde StoreFront 6 before SP8 allows remote attackers to execute arbitrary SQL commands via the CategoryId parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

7.5CVSS8.5AI score0.01051EPSS
Exploits0References1
Citrix
Citrix
added 2025/05/09 12:0 a.m.9 views

Remove the Send anonymous usage statistics options at preferences at Storefront

To remove the option of sending anonymous usage statistics to improve Citrix Workspace app at preferences for Stores...

7.1AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/04/10 2:47 p.m.23 views

CVE-2025-30151

Shopware is an open commerce platform. It's possible to pass long passwords that leads to Denial Of Service via forms in Storefront forms or Store-API. This vulnerability is fixed in 6.6.10.3 or 6.5.8.17. For older versions of 6.4, corresponding security measures are also available via a plugin...

7.5CVSS6.7AI score0.00393EPSS
Exploits0References1
Snyk
Snyk
added 2025/04/08 2:51 p.m.6 views

Improper Input Validation

Overview shopware/core is a Shopware platform is the core for all Shopware ecommerce products. Affected versions of this package are vulnerable to Improper Input Validation via the password length. This is by submitting excessively long passwords through Storefront forms or Store-API. Remediation...

8.7CVSS7.1AI score0.00393EPSS
Exploits0References2
Snyk
Snyk
added 2025/04/08 2:51 p.m.4 views

Improper Input Validation

Overview shopware/platform is a Shopware e-commerce core. Affected versions of this package are vulnerable to Improper Input Validation via the password length. This is by submitting excessively long passwords through Storefront forms or Store-API. Remediation Upgrade shopware/platform to version...

8.7CVSS7.1AI score0.00393EPSS
Exploits0References2
OSV
OSV
added 2025/04/08 2:51 p.m.46 views

GHSA-CGFJ-HJ93-RMH2 Shopware allows Denial Of Service via password length

Impact It's possible to pass long passwords that leads to Denial Of Service via forms in Storefront forms or Store-API. Patches Update to Shopware 6.6.10.3 or 6.5.8.17 Workarounds For older versions of 6.4, corresponding security measures are also available via a plugin. For the full range of...

7.5CVSS7.1AI score0.00393EPSS
Exploits0References6
NVD
NVD
added 2025/04/08 2:15 p.m.50 views

CVE-2025-30151

Shopware is an open commerce platform. It's possible to pass long passwords that leads to Denial Of Service via forms in Storefront forms or Store-API. This vulnerability is fixed in 6.6.10.3 or 6.5.8.17. For older versions of 6.4, corresponding security measures are also available via a plugin...

7.5CVSS0.00393EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/08 1:46 p.m.7 views

CVE-2025-30151 Shopware allows Denial Of Service via password length

Shopware is an open commerce platform. It's possible to pass long passwords that leads to Denial Of Service via forms in Storefront forms or Store-API. This vulnerability is fixed in 6.6.10.3 or 6.5.8.17. For older versions of 6.4, corresponding security measures are also available via a plugin...

7.5CVSS7AI score0.00393EPSS
Exploits0References1
OSV
OSV
added 2025/04/08 1:46 p.m.6 views

CVE-2025-30151 Shopware allows Denial Of Service via password length

Shopware is an open commerce platform. It's possible to pass long passwords that leads to Denial Of Service via forms in Storefront forms or Store-API. This vulnerability is fixed in 6.6.10.3 or 6.5.8.17. For older versions of 6.4, corresponding security measures are also available via a plugin...

7.5CVSS6.4AI score0.00393EPSS
Exploits0References3
Citrix
Citrix
added 2025/04/02 12:0 a.m.12 views

Citrix Storefront - Error "404 - File or directory not found" when accessing Storefront URL

Browsing to Storefront web URL results in below error "404 - File or directory not found. The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable."...

7.2AI score
Exploits0
Citrix
Citrix
added 2025/04/01 12:0 a.m.9 views

Applying Modern UI patch for Citrix Storefront LTSR2402 CU2 (to support CWA Linux Clients)

Symptoms or Error When users on Linux login to their Citrix Workspace App for Linux , they see an infinite progress screen or error instead of seeing the list of their apps and desktops. This is applicable only for customers where the admins have 1. Upgraded their StoreFronts to the new Storefron...

6.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/03/06 3:48 a.m.24 views

CVE-2024-13686

The VW Storefront theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vwstorefrontresetallsettings function in all versions up to, and including, 0.9.9. This makes it possible for authenticated attackers, with Subscriber-level access and...

4.3CVSS6.7AI score0.00269EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/05 1:3 a.m.8 views

CVE-2025-26206

Cross Site Request Forgery vulnerability in sell done storefront v.1.0 allows a remote attacker to escalate privileges via the index.html component...

9CVSS7.1AI score0.00573EPSS
Exploits3References1
OSV
OSV
added 2025/03/04 4:15 a.m.3 views

CVE-2024-13686

The VW Storefront theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vwstorefrontresetallsettings function in all versions up to, and including, 0.9.9. This makes it possible for authenticated attackers, with Subscriber-level access and...

4.3CVSS7.3AI score0.00269EPSS
Exploits0References2
NVD
NVD
added 2025/03/04 4:15 a.m.29 views

CVE-2024-13686

The VW Storefront theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vwstorefrontresetallsettings function in all versions up to, and including, 0.9.9. This makes it possible for authenticated attackers, with Subscriber-level access and...

4.3CVSS0.00269EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/04 3:37 a.m.28 views

CVE-2024-13686 VW Storefront <= 0.9.9 - Missing Authorization to Authenticated (Subscriber+) Settings Reset

The VW Storefront theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vwstorefrontresetallsettings function in all versions up to, and including, 0.9.9. This makes it possible for authenticated attackers, with Subscriber-level access and...

4.3CVSS0.00269EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/03/04 3:37 a.m.10 views

CVE-2024-13686 VW Storefront <= 0.9.9 - Missing Authorization to Authenticated (Subscriber+) Settings Reset

The VW Storefront theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vwstorefrontresetallsettings function in all versions up to, and including, 0.9.9. This makes it possible for authenticated attackers, with Subscriber-level access and...

4.3CVSS4.4AI score0.00269EPSS
Exploits0References2
CVE
CVE
added 2025/03/04 3:37 a.m.57 views

CVE-2024-13686

CVE-2024-13686 affects VW Storefront for WordPress (versions

4.3CVSS6.6AI score0.00269EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2025/03/04 12:0 a.m.5 views

WordPress plugin VW Storefront 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

4.3CVSS8.6AI score0.00269EPSS
Exploits0References4
Rows per page
Query Builder