50 matches found
CVE-2026-48009 Shopware: Admin Account Takeover via User Recovery Hash Exposure
Shopware is an open commerce platform. Prior to 6.6.10.18 and 6.7.10.1, a low-privilege admin user with userrecovery:read ACL can take over any admin account by triggering POST /api/action/user/user-recovery, reading the password recovery hash through POST /api/search/user-recovery, and using PAT...
CVE-2026-48009 Shopware: Admin Account Takeover via User Recovery Hash Exposure
Shopware is an open commerce platform. Prior to 6.6.10.18 and 6.7.10.1, a low-privilege admin user with userrecovery:read ACL can take over any admin account by triggering POST /api/action/user/user-recovery, reading the password recovery hash through POST /api/search/user-recovery, and using PAT...
EUVD-2026-45238
Shopware is an open commerce platform. Prior to 6.6.10.18 and 6.7.10.1, SVG files are in the allowedextensions whitelist in src/Core/Framework/Resources/config/packages/shopware.yaml and can be uploaded via the media manager without SVG content sanitization in the upload pipeline from...
Cross-site Scripting (XSS)
Overview shopware/platform is a Shopware e-commerce core. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the SVG file upload process. An attacker can execute arbitrary JavaScript in the context of the application by uploading a malicious SVG file containing...
User Impersonation
Overview shopware/platform is a Shopware e-commerce core. Affected versions of this package are vulnerable to User Impersonation via the handle-payment endpoint. An attacker can trigger payment flows for orders belonging to other users by supplying a valid foreign orderId, potentially causing...
Missing Authorization
Overview shopware/platform is a Shopware e-commerce core. Affected versions of this package are vulnerable to Missing Authorization in the orderStateTransition process. An attacker can modify order states without proper privileges by sending crafted API requests directly to the affected endpoints...
Weak Password Recovery Mechanism for Forgotten Password
Overview shopware/platform is a Shopware e-commerce core. Affected versions of this package are vulnerable to Weak Password Recovery Mechanism for Forgotten Password in the userrecovery process. An attacker can gain unauthorized access to any admin account by triggering a password recovery for th...
EUVD-2026-11663
Shopware is an open commerce platform. /api/info/config route exposes information about licenses. This vulnerability is fixed in 7.8.1 and 6.10.15...
CVE-2026-32142 shopware/commercial: `/api/_info/config` route exposes information about licenses
Shopware is an open commerce platform. /api/info/config route exposes information about licenses. This vulnerability is fixed in 7.8.1 and 6.10.15...
EUVD-2026-11642
Shopware is an open commerce platform. /api/info/config route exposes information about active security fixes. This vulnerability is fixed in 2.0.16, 3.0.12, and 4.0.7...
PT-2026-25031
Shopware is an open commerce platform. /api/ info/config route exposes information about active security fixes. This vulnerability is fixed in 2.0.16, 3.0.12, and 4.0.7...
PT-2026-25040
CVE-2026-32142 Shopware is an open commerce platform. /api/ info/config route exposes information about licenses. This vulnerability is fixed in 7.8.1 and 6.10.15. https://t.co/miVHOhaAoF...
User Impersonation
Overview shopware/platform is a Shopware e-commerce core. Affected versions of this package are vulnerable to User Impersonation in the app registration process. An attacker can gain unauthorized access to sensitive API credentials by exploiting the ability to update the shop-url during...
CVE-2026-31888
Shopware is an open commerce platform. Prior to 6.7.8.1 and 6.6.10.15, the Store API login endpoint POST /store-api/account/login returns different error codes depending on whether the submitted email address belongs to a registered customer CHECKOUTCUSTOMERAUTHBADCREDENTIALS or is unknown...
CVE-2026-25878
FroshAdminer is the Adminer plugin for Shopware Platform. Prior to 2.2.1, the Adminer route /admin/adminer was accessible without Shopware admin authentication. The route was configured with authrequired=false and performed no session validation, exposing the Adminer UI to unauthenticated users...
CVE-2026-25878
FroshAdminer is the Adminer plugin for Shopware Platform. Prior to 2.2.1, the Adminer route /admin/adminer was accessible without Shopware admin authentication. The route was configured with authrequired=false and performed no session validation, exposing the Adminer UI to unauthenticated users...
CVE-2026-25878 FroshAdminer Adminer UI is accessible without admin session
FroshAdminer is the Adminer plugin for Shopware Platform. Prior to 2.2.1, the Adminer route /admin/adminer was accessible without Shopware admin authentication. The route was configured with authrequired=false and performed no session validation, exposing the Adminer UI to unauthenticated users...
CVE-2026-25878
FroshAdminer (Shopware Platform) vulnerable in versions prior to 2.2.1 where the Adminer UI at /admin/adminer was exposed without Shopware admin authentication due to auth_required=false and no session validation. This allowed unauthenticated access to the Adminer UI, with a potentially limited i...
CVE-2026-25878 FroshAdminer Adminer UI is accessible without admin session
FroshAdminer is the Adminer plugin for Shopware Platform. Prior to 2.2.1, the Adminer route /admin/adminer was accessible without Shopware admin authentication. The route was configured with authrequired=false and performed no session validation, exposing the Adminer UI to unauthenticated users...
CVE-2026-25878 FroshAdminer Adminer UI is accessible without admin session
FroshAdminer is the Adminer plugin for Shopware Platform. Prior to 2.2.1, the Adminer route /admin/adminer was accessible without Shopware admin authentication. The route was configured with authrequired=false and performed no session validation, exposing the Adminer UI to unauthenticated users...