Lucene search
K

10 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.12 views

EUVD-2021-1369

Malware in sbrugna...

4.9CVSS4.9AI score0.00626EPSS
Exploits0References4
NVD
NVD
added 2023/03/15 11:15 p.m.23 views

CVE-2023-24468

Broken access control in Advanced Authentication versions prior to 6.4.1.1 and 6.3.7.2...

9.8CVSS9.5AI score0.00863EPSS
Exploits0References2
OSV
OSV
added 2021/09/08 6:0 p.m.24 views

GHSA-68V9-3JJQ-RVP4 Exposure of Sensitive Information to an Unauthorized Actor

Shopware is an open source eCommerce platform. In versions prior to 6.4.1.1 the admin api has exposed some internal hidden fields when an association has been loaded with a to many reference. Users are recommend to update to version 6.4.1.1. You can get the update to 6.4.1.1 regularly via the...

4.4CVSS5AI score0.01113EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2021/09/08 6:0 p.m.36 views

Exposure of Sensitive Information to an Unauthorized Actor

Shopware is an open source eCommerce platform. In versions prior to 6.4.1.1 the admin api has exposed some internal hidden fields when an association has been loaded with a to many reference. Users are recommend to update to version 6.4.1.1. You can get the update to 6.4.1.1 regularly via the...

4.9CVSS4.1AI score0.01113EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2021/06/28 6:21 p.m.5 views

GHSA-243Q-G9J3-QF6R non-admin users can create integration role with administrator role

Impact non-admin users can create integration role with administrator role Patches We recommend updating to the current version 6.4.1.1. You can get the update to 6.4.1.1 regularly via the Auto-Updater or directly via the download overview. https://www.shopware.com/en/download/shopware-6...

7.1AI score
Exploits0References1
Github Security Blog
Github Security Blog
added 2021/06/28 6:21 p.m.40 views

non-admin users can create integration role with administrator role

Impact non-admin users can create integration role with administrator role Patches We recommend updating to the current version 6.4.1.1. You can get the update to 6.4.1.1 regularly via the Auto-Updater or directly via the download overview. https://www.shopware.com/en/download/shopware-6...

2.6AI score
Exploits0References2Affected Software2
OSV
OSV
added 2021/06/28 6:20 p.m.12 views

GHSA-GPMH-G94G-QRHR Internal hidden fields are visible on to many associations in admin api

Impact The admin api has exposed some internal hidden fields when an association has been loaded with a to many reference Patches We recommend updating to the current version 6.4.1.1. You can get the update to 6.4.1.1 regularly via the Auto-Updater or directly via the download overview...

4.9CVSS5AI score0.01113EPSS
Exploits0References1
Prion
Prion
added 2021/06/24 9:15 p.m.13 views

Code injection

Shopware is an open source eCommerce platform. In versions prior to 6.4.1.1 the admin api has exposed some internal hidden fields when an association has been loaded with a to many reference. Users are recommend to update to version 6.4.1.1. You can get the update to 6.4.1.1 regularly via the...

4CVSS5AI score0.01113EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2021/06/24 7:15 p.m.24 views

CVE-2021-32709

Shopware is an open source eCommerce platform. Creation of order credits was not validated by ACL in admin orders. Users are recommend to update to the current version 6.4.1.1. You can get the update to 6.4.1.1 regularly via the Auto-Updater or directly via the download overview. For older versio...

4.9CVSS0.00626EPSS
Exploits0References1
OSV
OSV
added 2021/06/24 7:15 p.m.14 views

CVE-2021-32709

Shopware is an open source eCommerce platform. Creation of order credits was not validated by ACL in admin orders. Users are recommend to update to the current version 6.4.1.1. You can get the update to 6.4.1.1 regularly via the Auto-Updater or directly via the download overview. For older versio...

4.9CVSS6.8AI score
Exploits0References1
Rows per page
Query Builder