2 matches found
CVE-2026-25878
FroshAdminer is the Adminer plugin for Shopware Platform. Prior to 2.2.1, the Adminer route /admin/adminer was accessible without Shopware admin authentication. The route was configured with authrequired=false and performed no session validation, exposing the Adminer UI to unauthenticated users...
CVE-2025-31477
CVE-2025-31477 concerns the Tauri shell plugin (prior to 2.2.1). The open endpoint allowed system-opening with protocols like file://, smb://, or nfs:// due to improper validation, enabling remote code execution when untrusted input is passed. Affected: tauri-plugin-shell before version 2.2.1. Mi...