CRITICALπŸ‡΅πŸ‡± Wersja polska

CVE-2016-3109

CVSS 9.8v3.0pub. 2017-04-21upd. 2026-05-13

The backend/Login/load/ script in Shopware before 5.1.5 allows remote attackers to execute arbitrary code.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Shopware

    APP
    Shopware
    ≀ 5.1.4
πŸ”΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2024-22406CRITICAL9.3PL βœ“ten sam produkt

SQL injection w API wyszukiwania Shopware przez pole 'name' agregacji

CVE-2023-22731CRITICAL9.9ten sam produkt

Shopware is an open source commerce platform based on Symfony Framework and Vue js. In a Twig environment **wi...

CVE-2021-32711CRITICAL9.1ten sam produkt

Shopware is an open source eCommerce platform. Versions prior to 6.3.5.1 may leak of information via Store-API...

CVE-2026-31887HIGH8.9ten sam produkt

Shopware is an open commerce platform. Prior to 6.7.8.1 and 6.6.10.15, an insufficient check on the filter typ...

CVE-2026-31889HIGH8.9ten sam produkt

Shopware is an open commerce platform. Prior to 6.6.10.15 and 6.7.8.1, a vulnerability in the Shopware app reg...

CVE-2016-3109 β€” Shopware β€” CRITICAL β€” CVSS 9.8 | CVEbaza.pl