FLAT-C7IFE (CVE-2025-67648)
Reflected cross-site scripting (XSS) In shopware/shopware
7.3
High
Ecosystem: Packagist
Package: shopware/shopware
FLAT-1RV0I (GHSA-9v82-vcjx-m76j)
Reflected cross-site scripting (XSS) In shopware/shopware
4.8
Medium
Ecosystem: Packagist
Package: shopware/shopware
FLAT-VY277 (GHSA-83jv-4prm-34g7)
Server side template injection In shopware/shopware
8.1
High
Ecosystem: Packagist
Package: shopware/shopware
FLAT-T6M27 (GHSA-7336-ghhp-f2qj)
Lack of data validation In shopware/shopware
8.1
High
Ecosystem: Packagist
Package: shopware/shopware
FLAT-3C0H1 (GHSA-jqr7-5h7r-ch8p)
Reflected cross-site scripting (XSS) In shopware/shopware
1.3
Low
Ecosystem: Packagist
Package: shopware/shopware
FLAT-7NMCC (GHSA-q3g4-2vw9-xv27)
Lack of data validation In shopware/shopware
8.1
High
Ecosystem: Packagist
Package: shopware/shopware
FLAT-8ZHO6 (CVE-2023-34099)
Asymmetric denial of service In shopware/shopware
2.7
Low
Ecosystem: Packagist
Package: shopware/shopware
FLAT-XZF34 (CVE-2023-34098)
Enabled default configuration In shopware/shopware
2.7
Low
Ecosystem: Packagist
Package: shopware/shopware
FLAT-BEQHM (CVE-2022-48150)
Reflected cross-site scripting (XSS) In shopware/shopware
1.3
Low
Ecosystem: Packagist
Package: shopware/shopware
FLAT-QJSUB (CVE-2022-36101)
Business information leak In shopware/shopware
1.3
Low
Ecosystem: Packagist
Package: shopware/shopware
FLAT-H4ZVL (CVE-2022-36102)
Excessive privileges In shopware/shopware
1.3
Low
Ecosystem: Packagist
Package: shopware/shopware
FLAT-KADJR (CVE-2019-12935)
Reflected cross-site scripting (XSS) In shopware/shopware
1.3
Low
Ecosystem: Packagist
Package: shopware/shopware
FLAT-JYYNQ (CVE-2019-12799)
Insecure deserialization In shopware/shopware
6.3
Medium
Ecosystem: Packagist
Package: shopware/shopware
FLAT-D7R60 (CVE-2017-15374)
Server side cross-site scripting In shopware/shopware
1.3
Low
Ecosystem: Packagist
Package: shopware/shopware
FLAT-A3BOB (CVE-2016-3109)
Lack of data validation In shopware/shopware
8.1
High
Ecosystem: Packagist
Package: shopware/shopware
FLAT-JB1P1 (CVE-2018-20713)
SQL injection - Code In shopware/shopware
6.3
Medium
Ecosystem: Packagist
Package: shopware/shopware
FLAT-FQJEL (CVE-2017-18357)
Lack of data validation - Path Traversal In shopware/shopware
2.3
Low
Ecosystem: Packagist
Package: shopware/shopware
FLAT-8O8WO (CVE-2022-24892)
Account lockout In shopware/shopware
4.5
Medium
Ecosystem: Packagist
Package: shopware/shopware
FLAT-2XZLJ (CVE-2022-24879)
Cross-site request forgery In shopware/shopware
6.6
Medium
Ecosystem: Packagist
Package: shopware/shopware
FLAT-AUUTV (CVE-2022-24873)
Reflected cross-site scripting (XSS) In shopware/shopware
1.3
Low
Ecosystem: Packagist
Package: shopware/shopware
FLAT-6KD1S (CVE-2022-21651)
Uncontrolled external site redirect In shopware/shopware
1.2
Low
Ecosystem: Packagist
Package: shopware/shopware
FLAT-VYH3F (CVE-2022-21652)
Insecure session expiration time In shopware/shopware
0.5
Low
Ecosystem: Packagist
Package: shopware/shopware
FLAT-D1KE9 (CVE-2021-41188)
Server side cross-site scripting In shopware/shopware
4.6
Medium
Ecosystem: Packagist
Package: shopware/shopware
FLAT-KWXTF (CVE-2021-32713)
Server side cross-site scripting In shopware/shopware
1.1
Low
Ecosystem: Packagist
Package: shopware/shopware
FLAT-9WJ5M (CVE-2021-32712)
Business information leak In shopware/shopware
2.7
Low
Ecosystem: Packagist
Package: shopware/shopware
FLAT-TVA13 (GHSA-9vxv-wpv4-f52p)
Technical information leak In shopware/shopware
2.7
Low
Ecosystem: Packagist
Package: shopware/shopware
FLAT-9LHAW (GHSA-f6p7-8xfw-fjqq)
Server side cross-site scripting In shopware/shopware
1.3
Low
Ecosystem: Packagist
Package: shopware/shopware
FLAT-69F1H (GHSA-hrfh-fp4x-crrq)
Server side cross-site scripting In shopware/shopware
1.3
Low
Ecosystem: Packagist
Package: shopware/shopware
FLAT-0NMXW (GHSA-28fw-88hq-6jmm)
Server side cross-site scripting In shopware/shopware
1.3
Low
Ecosystem: Packagist
Package: shopware/shopware
FLAT-3B50Z (GHSA-6gv9-7q4g-pmvm)
Server side cross-site scripting In shopware/shopware
1.3
Low
Ecosystem: Packagist
Package: shopware/shopware
FLAT-U5EFK (SW-20878)
Reflected cross-site scripting (XSS) In shopware/shopware
1.2
Low
Ecosystem: Packagist
Package: shopware/shopware