FLAT-BSM1A (CVE-2026-48013)
Server-side request forgery (SSRF) In shopware/platform
0.5
Low
Ecosystem: Packagist
Package: shopware/platform
FLAT-K046D (CVE-2026-48015)
Server side cross-site scripting In shopware/platform
5.6
Medium
Ecosystem: Packagist
Package: shopware/platform
FLAT-6VE10 (CVE-2026-48012)
Uncontrolled external site redirect In shopware/platform
1.2
Low
Ecosystem: Packagist
Package: shopware/platform
FLAT-J2E4C (CVE-2026-48010)
Excessive privileges In shopware/platform
7.5
High
Ecosystem: Packagist
Package: shopware/platform
FLAT-0MI6Z (CVE-2026-48009)
Unauthorized access to screen In shopware/platform
5.9
Medium
Ecosystem: Packagist
Package: shopware/platform
FLAT-4BUKS (CVE-2026-48008)
Improper authorization control for web services In shopware/platform
7.7
High
Ecosystem: Packagist
Package: shopware/platform
FLAT-8NURI (CVE-2026-31889)
Spoofing In shopware/platform
8.3
High
Ecosystem: Packagist
Package: shopware/platform
FLAT-IJN8B (GHSA-r2vg-hvjm-fg38)
Improper authorization control for web services In shopware/platform
0.6
Low
Ecosystem: Packagist
Package: shopware/platform
FLAT-WZDV5 (GHSA-27c9-vp3w-6ww8)
Insecurely deleted files In shopware/platform
2.1
Low
Ecosystem: Packagist
Package: shopware/platform
FLAT-HPF05 (GHSA-3cpp-fv95-mpr5)
Server-side request forgery (SSRF) In shopware/platform
0.5
Low
Ecosystem: Packagist
Package: shopware/platform
FLAT-2WZQZ (GHSA-6wh5-mw9h-5c3w)
Lack of data validation - Path Traversal In shopware/platform
0.5
Low
Ecosystem: Packagist
Package: shopware/platform
FLAT-V2MFJ (GHSA-m895-2hj3-8cg9)
Authentication mechanism absence or evasion In shopware/platform
2.3
Low
Ecosystem: Packagist
Package: shopware/platform
FLAT-9W0L8 (CVE-2025-7954)
Race condition In shopware/platform
2.3
Low
Ecosystem: Packagist
Package: shopware/platform
FLAT-20ESV (CVE-2025-32378)
Insecure service configuration In shopware/platform
2.7
Low
Ecosystem: Packagist
Package: shopware/platform
FLAT-VEFBQ (GHSA-68wv-g3fw-pq7q)
Improper authorization control for web services In shopware/platform
1.7
Low
Ecosystem: Packagist
Package: shopware/platform
FLAT-54IMP (CVE-2025-27892)
SQL injection - Code In shopware/platform
2.7
Low
Ecosystem: Packagist
Package: shopware/platform
FLAT-11TQ4 (CVE-2024-42355)
Server side template injection In shopware/platform
6.2
Medium
Ecosystem: Packagist
Package: shopware/platform
FLAT-Z0NE6 (CVE-2024-22407)
Improper authorization control for web services In shopware/platform
4.6
Medium
Ecosystem: Packagist
Package: shopware/platform
FLAT-YMTEO (CVE-2024-22406)
SQL injection - Code In shopware/platform
6.7
Medium
Ecosystem: Packagist
Package: shopware/platform
FLAT-JFWYK (CVE-2023-22734)
Lack of data validation In shopware/platform
1.3
Low
Ecosystem: Packagist
Package: shopware/platform
FLAT-P94FE (CVE-2023-22733)
Sensitive information stored in logs In shopware/platform
1.2
Low
Ecosystem: Packagist
Package: shopware/platform
FLAT-USFOM (CVE-2023-22731)
Server side template injection In shopware/platform
8.1
High
Ecosystem: Packagist
Package: shopware/platform
FLAT-JOFFN (CVE-2023-22730)
Lack of data validation In shopware/platform
1.3
Low
Ecosystem: Packagist
Package: shopware/platform
FLAT-O6R0J (CVE-2020-13971)
Server side cross-site scripting In shopware/platform
1.2
Low
Ecosystem: Packagist
Package: shopware/platform
FLAT-0O0GN (CVE-2020-13970)
Server-side request forgery (SSRF) In shopware/platform
6.3
Medium
Ecosystem: Packagist
Package: shopware/platform
FLAT-2EWF6 (CVE-2020-13997)
Technical information leak In shopware/platform
6.6
Medium
Ecosystem: Packagist
Package: shopware/platform
FLAT-2NHQD (CVE-2022-24872)
Improper authorization control for web services In shopware/platform
6.2
Medium
Ecosystem: Packagist
Package: shopware/platform
FLAT-6QWI0 (CVE-2022-24744)
Session Fixation In shopware/platform
1.2
Low
Ecosystem: Packagist
Package: shopware/platform
FLAT-WYMK7 (GHSA-r64m-qchj-hrjp)
HTTP request smuggling In shopware/platform
2.7
Low
Ecosystem: Packagist
Package: shopware/platform
FLAT-7CDYQ (CVE-2021-32717)
Business information leak In shopware/platform
2.3
Low
Ecosystem: Packagist
Package: shopware/platform
FLAT-56E99 (CVE-2021-32716)
Business information leak In shopware/platform
4.6
Medium
Ecosystem: Packagist
Package: shopware/platform
FLAT-JGCRT (CVE-2021-32711)
Business information leak In shopware/platform
6.6
Medium
Ecosystem: Packagist
Package: shopware/platform
FLAT-IOLKU (GHSA-c7vg-w8q8-c3wf)
Session Fixation In shopware/platform
0.0
None
Ecosystem: Packagist
Package: shopware/platform
FLAT-D34GJ (CVE-2021-32710)
Session Fixation In shopware/platform
6.6
Medium
Ecosystem: Packagist
Package: shopware/platform
FLAT-5OAQM (CVE-2021-37709)
Restricted fields manipulation In shopware/platform
6.2
Medium
Ecosystem: Packagist
Package: shopware/platform
FLAT-YTUGL (CVE-2021-37708)
OS Command Injection In shopware/platform
6.3
Medium
Ecosystem: Packagist
Package: shopware/platform
FLAT-PYM3T (CVE-2021-37711)
Server-side request forgery (SSRF) In shopware/platform
6.3
Medium
Ecosystem: Packagist
Package: shopware/platform
FLAT-6TJJG (CVE-2021-32709)
Authentication mechanism absence or evasion In shopware/platform
4.6
Medium
Ecosystem: Packagist
Package: shopware/platform
FLAT-UYU1Y (GHSA-vrf2-xghr-j52v)
Business information leak In shopware/platform
6.6
Medium
Ecosystem: Packagist
Package: shopware/platform
FLAT-AI0UM (GHSA-wq3r-jwrq-xg6w)
Improper authorization control for web services In shopware/platform
2.7
Low
Ecosystem: Packagist
Package: shopware/platform
FLAT-CNVHH (GHSA-88rc-3p98-rgvx)
Sensitive information sent insecurely In shopware/platform
1.2
Low
Ecosystem: Packagist
Package: shopware/platform
FLAT-NQIE5 (GHSA-pjj4-jjgc-h3r8)
Lack of data validation In shopware/platform
1.3
Low
Ecosystem: Packagist
Package: shopware/platform
FLAT-4MJON (GHSA-f2vv-h5x4-57gr)
Technical information leak In shopware/platform
2.7
Low
Ecosystem: Packagist
Package: shopware/platform
FLAT-B5RTD (GHSA-jvg4-9rc2-wvcr)
Improper authorization control for web services In shopware/platform
2.7
Low
Ecosystem: Packagist
Package: shopware/platform
FLAT-QJ89Q (GHSA-8pfh-mm2g-hmc3)
Server-side request forgery (SSRF) In shopware/platform
6.8
Medium
Ecosystem: Packagist
Package: shopware/platform
FLAT-5DDQ8 (GHSA-cq6h-w3mc-57f4)
Business information leak In shopware/platform
1.3
Low
Ecosystem: Packagist
Package: shopware/platform
FLAT-PMILM (GHSA-8xv9-qcr9-ww9j)
XML injection (XXE) In shopware/platform
0.6
Low
Ecosystem: Packagist
Package: shopware/platform
FLAT-NXGTM (GHSA-qvhr-55hg-3qwv)
Reflected cross-site scripting (XSS) In shopware/platform
1.3
Low
Ecosystem: Packagist
Package: shopware/platform
FLAT-XNTY4 (GHSA-qvc5-cfrr-384v)
Lack of data validation In shopware/platform
1.3
Low
Ecosystem: Packagist
Package: shopware/platform