Lucene search
+L

1010 matches found

NVD
NVD
added yesterday4 views

CVE-2026-48015

Shopware is an open commerce platform. Prior to 6.6.10.18 and 6.7.10.1, SVG files are in the allowedextensions whitelist in src/Core/Framework/Resources/config/packages/shopware.yaml and can be uploaded via the media manager without SVG content sanitization in the upload pipeline from...

4.9CVSS0.00039EPSS
Exploits0References5
NVD
NVD
added yesterday6 views

CVE-2026-48010

Shopware is an open commerce platform. Prior to 6.6.10.18 and 6.7.10.1, UserController::upsertUser in src/Core/Framework/Api/Controller/UserController.php writes raw user data in SYSTEMSCOPE without filtering the admin field, so a non-admin API user with user:create or user:update ACL permission...

6.5CVSS0.00034EPSS
Exploits0References5
NVD
NVD
added yesterday6 views

CVE-2026-48014

Shopware is an open commerce platform. Prior to 6.6.10.18 and 6.7.10.1, the order state transition features /api/action/order/orderId/state/transition and similar transaction and delivery transition routes in src/Core/Checkout/Order/Api/OrderActionController.php do not declare...

6.5CVSS0.00041EPSS
Exploits0References5
NVD
NVD
added yesterday6 views

CVE-2026-48008

Shopware is an open commerce platform. Prior to 6.6.10.18 and 6.7.10.1, a non-admin API user with integration:create ACL privilege can escalate to full administrator by creating an integration with admin: true through the Sync API POST /api/action/sync; the regular integration endpoint POST...

6.5CVSS0.00034EPSS
Exploits0References5
NVD
NVD
added yesterday7 views

CVE-2026-48009

Shopware is an open commerce platform. Prior to 6.6.10.18 and 6.7.10.1, a low-privilege admin user with userrecovery:read ACL can take over any admin account by triggering POST /api/action/user/user-recovery, reading the password recovery hash through POST /api/search/user-recovery, and using PAT...

6.8CVSS0.00034EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added yesterday4 views

CVE-2026-48009 Shopware: Admin Account Takeover via User Recovery Hash Exposure

Shopware is an open commerce platform. Prior to 6.6.10.18 and 6.7.10.1, a low-privilege admin user with userrecovery:read ACL can take over any admin account by triggering POST /api/action/user/user-recovery, reading the password recovery hash through POST /api/search/user-recovery, and using PAT...

6.8CVSS5.3AI score0.00034EPSS
Exploits0References6
Cvelist
Cvelist
added yesterday17 views

CVE-2026-48009 Shopware: Admin Account Takeover via User Recovery Hash Exposure

Shopware is an open commerce platform. Prior to 6.6.10.18 and 6.7.10.1, a low-privilege admin user with userrecovery:read ACL can take over any admin account by triggering POST /api/action/user/user-recovery, reading the password recovery hash through POST /api/search/user-recovery, and using PAT...

6.8CVSS0.00034EPSS
Exploits0References6
CVE
CVE
added yesterday23 views

CVE-2026-48009

Shopware vulnerability CVE-2026-48009: A low-privilege admin with user_recovery:read can takeover any admin by triggering password recovery, reading the recovery hash via Admin API, and resetting the password. Root cause: the hash field in UserRecoveryDefinition was exposed in the Admin API (no A...

6.8CVSS5.3AI score0.00034EPSS
Exploits0References6
EUVD
EUVD
added yesterday5 views

EUVD-2026-45242

Shopware is an open commerce platform. Prior to 6.6.10.18 and 6.7.10.1, a low-privilege admin user with userrecovery:read ACL can take over any admin account by triggering POST /api/action/user/user-recovery, reading the password recovery hash through POST /api/search/user-recovery, and using PAT...

6.8CVSS5.4AI score0.00034EPSS
Exploits0References6
CVE
CVE
added yesterday25 views

CVE-2026-48014

Summary: CVE-2026-48014 affects Shopware open commerce platforms prior to 6.6.10.18 and 6.7.10.1, where Admin API order state transition routes (/api/_action/order/{orderId}/state/{transition} and related endpoints) could bypass ACL checks. The routes did not declare PlatformRequest::ATTRIBUTE_AC...

6.5CVSS5.3AI score0.00041EPSS
Exploits0References5
Cvelist
Cvelist
added yesterday16 views

CVE-2026-48014 Shopware: Admin API ACL Bypass in Order State Transition Endpoints

Shopware is an open commerce platform. Prior to 6.6.10.18 and 6.7.10.1, the order state transition features /api/action/order/orderId/state/transition and similar transaction and delivery transition routes in src/Core/Checkout/Order/Api/OrderActionController.php do not declare...

6.5CVSS0.00041EPSS
Exploits0References5
EUVD
EUVD
added yesterday5 views

EUVD-2026-45241

Shopware is an open commerce platform. Prior to 6.6.10.18 and 6.7.10.1, the order state transition features /api/action/order/orderId/state/transition and similar transaction and delivery transition routes in src/Core/Checkout/Order/Api/OrderActionController.php do not declare...

6.5CVSS5.3AI score0.00041EPSS
Exploits0References5
CVE
CVE
added yesterday20 views

CVE-2026-48010

Summary: CVE-2026-48010 affects Shopware core prior to versions 6.6.10.18 and 6.7.10.1. The vulnerability arises when UserController::upsertUser() writes raw request data in SYSTEM_SCOPE without filtering the admin field, allowing a non-admin API user with user:create or user:update ACL to set ad...

6.5CVSS5.3AI score0.00034EPSS
Exploits0References5
Cvelist
Cvelist
added yesterday15 views

CVE-2026-48010 Shopware: Privilege escalation: non-admin user with user:create ACL can create admin accounts

Shopware is an open commerce platform. Prior to 6.6.10.18 and 6.7.10.1, UserController::upsertUser in src/Core/Framework/Api/Controller/UserController.php writes raw user data in SYSTEMSCOPE without filtering the admin field, so a non-admin API user with user:create or user:update ACL permission...

6.5CVSS0.00034EPSS
Exploits0References5
EUVD
EUVD
added yesterday4 views

EUVD-2026-45240

Shopware is an open commerce platform. Prior to 6.6.10.18 and 6.7.10.1, UserController::upsertUser in src/Core/Framework/Api/Controller/UserController.php writes raw user data in SYSTEMSCOPE without filtering the admin field, so a non-admin API user with user:create or user:update ACL permission...

6.5CVSS5.4AI score0.00034EPSS
Exploits0References5
Cvelist
Cvelist
added yesterday11 views

CVE-2026-48016 Shopware: Unauthorized Payment Trigger for Foreign Orders via /store-api/handle-payment

Shopware is an open commerce platform. Prior to 6.6.10.18 and 6.7.10.1, the Store API endpoint /store-api/handle-payment in src/Core/Checkout/Payment/SalesChannel/HandlePaymentMethodRoute.php accepts a user-controlled orderId and forwards it to src/Core/Checkout/Payment/PaymentProcessor.php witho...

4.3CVSS0.0005EPSS
Exploits0References5
EUVD
EUVD
added yesterday4 views

EUVD-2026-45239

Shopware is an open commerce platform. Prior to 6.6.10.18 and 6.7.10.1, the Store API endpoint /store-api/handle-payment in src/Core/Checkout/Payment/SalesChannel/HandlePaymentMethodRoute.php accepts a user-controlled orderId and forwards it to src/Core/Checkout/Payment/PaymentProcessor.php witho...

4.3CVSS5.3AI score0.0005EPSS
Exploits0References5
Cvelist
Cvelist
added yesterday11 views

CVE-2026-48015 Shopware: Stored XSS via SVG file upload — no SVG sanitization

Shopware is an open commerce platform. Prior to 6.6.10.18 and 6.7.10.1, SVG files are in the allowedextensions whitelist in src/Core/Framework/Resources/config/packages/shopware.yaml and can be uploaded via the media manager without SVG content sanitization in the upload pipeline from...

4.9CVSS0.00039EPSS
Exploits0References5
CVE
CVE
added yesterday23 views

CVE-2026-48015

Shopware core is affected by CVE-2026-48015 due to SVG files being allowed in the media upload whitelist and not sanitized in the upload pipeline (MediaUploadController → FileSaver → TypeDetector). Prior to versions 6.6.10.18 and 6.7.10.1, uploading SVGs could allow embedded JavaScript (onload, [...

4.9CVSS5.4AI score0.00039EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added yesterday4 views

CVE-2026-48015 Shopware: Stored XSS via SVG file upload — no SVG sanitization

Shopware is an open commerce platform. Prior to 6.6.10.18 and 6.7.10.1, SVG files are in the allowedextensions whitelist in src/Core/Framework/Resources/config/packages/shopware.yaml and can be uploaded via the media manager without SVG content sanitization in the upload pipeline from...

4.9CVSS5.5AI score0.00039EPSS
Exploits0References5
Rows per page
Query Builder