CVE-2016-3109by Jeremyin Security Bulletinson Posted on April 21, 2017 The backend/Login/load/ script in Shopware before 5.1.5 allows remote attackers to execute arbitrary code.