目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1000 CNY

100.0%
コーヒーを一杯おごる

Shopware 厂商漏洞列表 / CVE 中文分析 56

Shopware 厂商相关 56 条 CVE 漏洞,含 AI 中文分析、POC、CVSS 评分与受影响产品。

Shopware 是一款开源电子商务平台,旨在为商家提供灵活的在线销售解决方案。其历史漏洞多涉及远程代码执行、跨站脚本及越权访问,部分源于插件机制或框架底层缺陷。值得关注的是,该平台采用模块化架构,安全更新通常通过补丁发布。截至最新统计,已收录 56 条 CVE,反映其生态复杂性带来的持续安全挑战,用户需及时跟进版本升级以规避风险。

22 件の結果 / 56フィルターをクリア
上位製品 Shopware: shopware platform core SwagPayPal commercial
CVE IDタイトルCVSS深刻度公開日
CVE-2023-22733 Improper Output Neutralization in Log Module in shopware — platformCWE-532 2.7 Low2023-01-17
CVE-2023-22732 Insufficient Session Expiration in Administration in shopware — platformCWE-613 3.7 Low2023-01-17
CVE-2023-22731 Improper Control of Generation of Code in Twig rendered views in shopware — platformCWE-94 10.0 Critical2023-01-17
CVE-2023-22730 Improper Input Validation of Clearance sale in cart — platformCWE-20 5.3 Medium2023-01-17
CVE-2023-22734 Improper Input Newsletter subscription option validation in shopware — platformCWE-20 4.3 Medium2023-01-17
CVE-2022-24872 Improper Access Control in shopware — platformCWE-732 8.1 High2022-04-20
CVE-2022-24871 Server-Side Request Forgery (SSRF) in Shopware — platformCWE-918 7.2 High2022-04-20
CVE-2022-24744 Insufficient Session Expiration in shopware — platformCWE-613 2.6 Low2022-03-09
CVE-2022-24745 Guest session is shared between customers in shopware — platformCWE-384 4.8 Medium2022-03-09
CVE-2022-24746 HTML injection possibility in voucher code form — platformCWE-79 6.1 Medium2022-03-09
CVE-2022-24747 HTTP caching is marking private HTTP headers as public — platformCWE-200 6.3 Medium2022-03-09
CVE-2022-24748 Incorrect Authentication in shopware — platformCWE-287 6.8 Medium2022-03-09
CVE-2021-37711 Authenticated server-side request forgery in file upload via URL. — platformCWE-918 8.8 High2021-08-16
CVE-2021-37710 Cross-Site Scripting via SVG media files — platformCWE-79 8.0 High2021-08-16
CVE-2021-37709 Insecure direct object reference of log files of the Import/Export feature — platformCWE-532 6.5 Medium2021-08-16
CVE-2021-37708 Command injection in mail agent settings — platformCWE-77 8.8 High2021-08-16
CVE-2021-37707 Manipulation of product reviews via API — platformCWE-20 6.5 Medium2021-08-16
CVE-2021-32717 Private files publicly accessible with Cloud Storage providers — platformCWE-200 7.5 High2021-06-24
CVE-2021-32716 Internal hidden fields are visible on to many associations in admin api — platformCWE-200 4.4 Medium2021-06-24
CVE-2021-32711 Leak of information via Store-API — platformCWE-200 9.1 Critical2021-06-24
CVE-2021-32710 Potential Session Hijacking in Shopware — platformCWE-384 5.9 Medium2021-06-24
CVE-2021-32709 Creation of order credits was not validated by acl in admin orders — platformCWE-306 4.9 Medium2021-06-24

本页汇总了 Shopware 厂商截至目前公开的全部 56 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接,并附带 AI 生成的中文分析以便快速判断风险。