9 matches found
CVE-2026-25878
FroshAdminer is the Adminer plugin for Shopware Platform. Prior to 2.2.1, the Adminer route /admin/adminer was accessible without Shopware admin authentication. The route was configured with authrequired=false and performed no session validation, exposing the Adminer UI to unauthenticated users...
FroshAdminer Adminer UI is accessible without admin session
Summary Unauthenticated access to Adminer UI Details The Adminer route /admin/adminer was accessible without Shopware admin authentication. The route was configured with authrequired=false and performed no session validation, exposing the Adminer UI to unauthenticated users. Note: Database access...
CVE-2026-25878
FroshAdminer is the Adminer plugin for Shopware Platform. Prior to 2.2.1, the Adminer route /admin/adminer was accessible without Shopware admin authentication. The route was configured with authrequired=false and performed no session validation, exposing the Adminer UI to unauthenticated users...
CVE-2026-25878
FroshAdminer is the Adminer plugin for Shopware Platform. Prior to 2.2.1, the Adminer route /admin/adminer was accessible without Shopware admin authentication. The route was configured with authrequired=false and performed no session validation, exposing the Adminer UI to unauthenticated users...
CVE-2026-25878 FroshAdminer Adminer UI is accessible without admin session
FroshAdminer is the Adminer plugin for Shopware Platform. Prior to 2.2.1, the Adminer route /admin/adminer was accessible without Shopware admin authentication. The route was configured with authrequired=false and performed no session validation, exposing the Adminer UI to unauthenticated users...
CVE-2026-25878 FroshAdminer Adminer UI is accessible without admin session
FroshAdminer is the Adminer plugin for Shopware Platform. Prior to 2.2.1, the Adminer route /admin/adminer was accessible without Shopware admin authentication. The route was configured with authrequired=false and performed no session validation, exposing the Adminer UI to unauthenticated users...
CVE-2026-25878
FroshAdminer (Shopware Platform) vulnerable in versions prior to 2.2.1 where the Adminer UI at /admin/adminer was exposed without Shopware admin authentication due to auth_required=false and no session validation. This allowed unauthenticated access to the Adminer UI, with a potentially limited i...
CVE-2026-25878 FroshAdminer Adminer UI is accessible without admin session
FroshAdminer is the Adminer plugin for Shopware Platform. Prior to 2.2.1, the Adminer route /admin/adminer was accessible without Shopware admin authentication. The route was configured with authrequired=false and performed no session validation, exposing the Adminer UI to unauthenticated users...
PT-2026-7163
Name of the Vulnerable Software and Affected Versions FroshAdminer versions prior to 2.2.1 Description The Adminer route '/admin/adminer' within the FroshAdminer plugin for Shopware Platform was accessible without requiring Shopware admin authentication. The route was configured without...