731 matches found
CVE-2019-13608
Citrix StoreFront Server before 1903, 7.15 LTSR before CU4 3.12.4000, and 7.6 LTSR before CU8 3.0.8000 allows XXE attacks...
CVE-2008-1341
SQL injection vulnerability in SearchResults.aspx in LaGarde StoreFront 6 before SP8 allows remote attackers to execute arbitrary SQL commands via the CategoryId parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Remove the Send anonymous usage statistics options at preferences at Storefront
To remove the option of sending anonymous usage statistics to improve Citrix Workspace app at preferences for Stores...
CVE-2025-30151
Shopware is an open commerce platform. It's possible to pass long passwords that leads to Denial Of Service via forms in Storefront forms or Store-API. This vulnerability is fixed in 6.6.10.3 or 6.5.8.17. For older versions of 6.4, corresponding security measures are also available via a plugin...
Improper Input Validation
Overview shopware/core is a Shopware platform is the core for all Shopware ecommerce products. Affected versions of this package are vulnerable to Improper Input Validation via the password length. This is by submitting excessively long passwords through Storefront forms or Store-API. Remediation...
Improper Input Validation
Overview shopware/platform is a Shopware e-commerce core. Affected versions of this package are vulnerable to Improper Input Validation via the password length. This is by submitting excessively long passwords through Storefront forms or Store-API. Remediation Upgrade shopware/platform to version...
GHSA-CGFJ-HJ93-RMH2 Shopware allows Denial Of Service via password length
Impact It's possible to pass long passwords that leads to Denial Of Service via forms in Storefront forms or Store-API. Patches Update to Shopware 6.6.10.3 or 6.5.8.17 Workarounds For older versions of 6.4, corresponding security measures are also available via a plugin. For the full range of...
CVE-2025-30151
Shopware is an open commerce platform. It's possible to pass long passwords that leads to Denial Of Service via forms in Storefront forms or Store-API. This vulnerability is fixed in 6.6.10.3 or 6.5.8.17. For older versions of 6.4, corresponding security measures are also available via a plugin...
CVE-2025-30151 Shopware allows Denial Of Service via password length
Shopware is an open commerce platform. It's possible to pass long passwords that leads to Denial Of Service via forms in Storefront forms or Store-API. This vulnerability is fixed in 6.6.10.3 or 6.5.8.17. For older versions of 6.4, corresponding security measures are also available via a plugin...
CVE-2025-30151 Shopware allows Denial Of Service via password length
Shopware is an open commerce platform. It's possible to pass long passwords that leads to Denial Of Service via forms in Storefront forms or Store-API. This vulnerability is fixed in 6.6.10.3 or 6.5.8.17. For older versions of 6.4, corresponding security measures are also available via a plugin...
Citrix Storefront - Error "404 - File or directory not found" when accessing Storefront URL
Browsing to Storefront web URL results in below error "404 - File or directory not found. The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable."...
Applying Modern UI patch for Citrix Storefront LTSR2402 CU2 (to support CWA Linux Clients)
Symptoms or Error When users on Linux login to their Citrix Workspace App for Linux , they see an infinite progress screen or error instead of seeing the list of their apps and desktops. This is applicable only for customers where the admins have 1. Upgraded their StoreFronts to the new Storefron...
CVE-2024-13686
The VW Storefront theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vwstorefrontresetallsettings function in all versions up to, and including, 0.9.9. This makes it possible for authenticated attackers, with Subscriber-level access and...
CVE-2025-26206
Cross Site Request Forgery vulnerability in sell done storefront v.1.0 allows a remote attacker to escalate privileges via the index.html component...
CVE-2024-13686
The VW Storefront theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vwstorefrontresetallsettings function in all versions up to, and including, 0.9.9. This makes it possible for authenticated attackers, with Subscriber-level access and...
CVE-2024-13686
The VW Storefront theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vwstorefrontresetallsettings function in all versions up to, and including, 0.9.9. This makes it possible for authenticated attackers, with Subscriber-level access and...
CVE-2024-13686 VW Storefront <= 0.9.9 - Missing Authorization to Authenticated (Subscriber+) Settings Reset
The VW Storefront theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vwstorefrontresetallsettings function in all versions up to, and including, 0.9.9. This makes it possible for authenticated attackers, with Subscriber-level access and...
CVE-2024-13686 VW Storefront <= 0.9.9 - Missing Authorization to Authenticated (Subscriber+) Settings Reset
The VW Storefront theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vwstorefrontresetallsettings function in all versions up to, and including, 0.9.9. This makes it possible for authenticated attackers, with Subscriber-level access and...
CVE-2024-13686
CVE-2024-13686 affects VW Storefront for WordPress (versions
WordPress plugin VW Storefront 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...