shopware/platform
packagist · The Shopware e-commerce core · Repository · Package
Security Advisories for shopware/platform in packagist
Moderate
about 2 months ago
Shopware race condition bypasses voucher restrictions
packagist
shopware/platform
Low
6 months ago
Shopware default newsletter opt-in settings allow for mass sign-up abuse
packagist
shopware/platform, shopware/core
Moderate
6 months ago
Shopware Broken ACL on Document retrieval to access other customers documents
packagist
shopware/platform, shopware/core
High
6 months ago
Shopware Vulnerable to Blind SQL-injection in DAL aggregations
packagist
shopware/platform, shopware/core
High
6 months ago
Shopware allows Denial Of Service via password length
packagist
shopware/platform, shopware/core
Moderate
6 months ago
Shopware 6 allows attackers to check for registered accounts through the store-api
packagist
shopware/platform, shopware/core
Moderate
about 1 year ago
Shopware vulnerable to blind SQL-injection in DAL aggregations
packagist
shopware/core, shopware/platform
High
about 1 year ago
Shopware vulnerable to Server Side Template Injection in Twig using Context functions
packagist
shopware/core, shopware/platform
High
about 1 year ago
Shopware vulnerable to Server Side Template Injection in Twig using deprecation silence tag
packagist
shopware/core, shopware/platform
Moderate
about 1 year ago
Shopware vulnerable to Improper Access Control with ManyToMany associations in store-api
packagist
shopware/platform, shopware/core
Moderate
over 1 year ago
Shopware Improper Session Handling in store-api account logout
packagist
shopware/platform, shopware/core
Critical
over 1 year ago
Shopware's session is persistent in Cache for 404 pages
packagist
shopware/platform, shopware/storefront
Moderate
over 1 year ago
Broken Access Control order API in Shopware
packagist
shopware/platform, shopware/core
High
over 2 years ago
Improper Control of Generation of Code in Twig rendered views
packagist
shopware/core, shopware/platform
Moderate
over 2 years ago
Shopware has Improper Input Validation issue in newsletter subscription
packagist
shopware/core, shopware/platform
Low
over 2 years ago
Shopware has Insufficient Session Expiration in Administration
packagist
shopware/core, shopware/platform
Low
over 2 years ago
Shopware's log module vulnerable to Improper Output Neutralization
packagist
shopware/core, shopware/platform
Critical
over 2 years ago
Shopware vulnerable to Improper Control of Generation of Code in Twig rendered views
packagist
shopware/core, shopware/platform
Moderate
over 2 years ago
Shopware vulnerable to Improper Input Validation of Clearance sale in cart
packagist
shopware/core, shopware/platform
High
over 3 years ago
Shopware database password is leaked to an unauthenticated users
packagist
shopware/platform, shopware/core
High
over 3 years ago
Improper Access Control in Shopware
packagist
shopware/core, shopware/platform
High
over 3 years ago
Server-Side Request Forgery (SSRF) in Shopware
packagist
shopware/core, shopware/platform
Moderate
over 3 years ago
HTTP caching is marking private HTTP headers as public in Shopware
packagist
shopware/storefront, shopware/core, shopware/platform
Moderate
over 3 years ago
HTML injection possibility in voucher code form in Shopware
packagist
shopware/storefront, shopware/core, shopware/platform
Low
over 3 years ago
Shopware user session is not logged out if the password is reset via password recovery
packagist
shopware/core, shopware/platform
Moderate
over 3 years ago
Shopware guest session is shared between customers
packagist
shopware/storefront, shopware/platform
Critical
almost 4 years ago
Webcache Poisoning in shopware/platform and shopware/core
packagist
shopware/platform, shopware/core
High
about 4 years ago
Exposure of Sensitive Information to an Unauthorized Actor
packagist
shopware/platform
Moderate
about 4 years ago
Exposure of Sensitive Information to an Unauthorized Actor
packagist
shopware/platform
Critical
about 4 years ago
Exposure of Sensitive Information to an Unauthorized Actor
packagist
shopware/platform
Moderate
about 4 years ago
Insecure direct object reference of log files of the Import/Export feature
packagist
shopware/core, shopware/platform
High
about 4 years ago
Command injection in mail agent settings
packagist
shopware/core, shopware/platform
Moderate
about 4 years ago
Manipulation of product reviews via API
packagist
shopware/core, shopware/platform
High
about 4 years ago
Cross-Site Scripting via SVG media files
packagist
shopware/platform, shopware/core
High
about 4 years ago
Authenticated server-side request forgery in file upload via URL.
packagist
shopware/core, shopware/platform
Moderate
over 4 years ago
non-admin users can create integration role with administrator role
packagist
shopware/core, shopware/platform
Moderate
over 4 years ago
Internal hidden fields are visible on to many associations in admin api
packagist
shopware/core, shopware/platform
High
over 4 years ago
Private files publicly accessible with Cloud Storage providers
packagist
shopware/core, shopware/platform
Low
over 4 years ago
Creation of order credits was not validated by acl in admin orders
packagist
shopware/core, shopware/platform
Moderate
over 4 years ago
Canceling of orders not related to the logged-in user
packagist
shopware/core, shopware/platform
Critical
over 4 years ago
After order payment process manipulation in shopware/platform and shopware/core
packagist
shopware/core, shopware/platform
Critical
over 4 years ago
Leak of information via Store-API aggregations in shopware/platform and shopware/core
packagist
shopware/platform, shopware/core
Low
almost 5 years ago
Authenticated Server Side Request Forgery
packagist
shopware/core, shopware/platform
Low
almost 5 years ago
Information exposure via query strings in URL
packagist
shopware/core, shopware/platform
Low
almost 5 years ago
Authenticated Privilege Escalation
packagist
shopware/core, shopware/platform
Low
almost 5 years ago
Denial of Service via Cache Flooding
packagist
shopware/core, shopware/platform
Moderate
almost 5 years ago
Authenticated XML External Entity Processing
packagist
shopware/core, shopware/platform
Low
about 5 years ago
Non-persistent XSS in the Storefront in Shopware
packagist
shopware/core, shopware/platform
Low
about 5 years ago
RCE in Third Party Library in Shopware
packagist
shopware/core, shopware/platform