Ecosyste.ms: Packages

An open API service providing package, version and dependency metadata of many open source software ecosystems and registries.

Top 1.1% on packagist.org
Top 1.0% downloads on packagist.org
Top 2.7% dependent packages on packagist.org
Top 1.6% dependent repos on packagist.org
Top 0.1% forks on packagist.org

packagist.org : shopware/platform

The Shopware e-commerce core

Registry - Source - Homepage - JSON
purl: pkg:composer/shopware/platform
Keywords: framework, shopware, api-first-cms, apifirst, digital-commerce, ecommerce, ecommerce-platform, experience-commerce, experience-manager, hacktoberfest, headless-cms, magento, online-shop, online-store, php, prestashop, shop, shopping-cart, storefront, symfony, vuejs
License: MIT
Latest release: almost 4 years ago
First release: 10 months ago
Namespace: shopware
Dependent packages: 6
Dependent repositories: 38
Downloads: 1,114,316 total
Stars: 2,616 on GitHub
Forks: 959 on GitHub
Total Commits: 13268
Committers: 475
Average commits per author: 27.933
Development Distribution Score (DDS): 0.923
More commit stats: commits.ecosyste.ms
See more repository details: repos.ecosyste.ms
Last synced: 1 day ago

Critical

GSA_kwCzR0hTQS1jMmY5LTRqbW0tdjQ1bc4AA5zD

Shopware's session is persistent in Cache for 404 pages
Ecosystems: packagist
Packages: shopware/platform, shopware/storefront
Source: github
Published: about 2 months ago

Moderate

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlmOGYtNTc0cS04am1m

Manipulation of product reviews via API
Ecosystems: packagist
Packages: shopware/core, shopware/platform
Source: github
Published: over 2 years ago

High

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZjMzgtbXh3ci1wZmh4

Cross-Site Scripting via SVG media files
Ecosystems: packagist
Packages: shopware/platform, shopware/core
Source: github
Published: over 2 years ago

High

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdjdnYtZ3E5Mi14OTRy

Authenticated server-side request forgery in file upload via URL.
Ecosystems: packagist
Packages: shopware/core, shopware/platform
Source: github
Published: over 2 years ago

High

GSA_kwCzR0hTQS05d3J2LWc3NWgtOGNjY80_qw

Improper Access Control in Shopware
Ecosystems: packagist
Packages: shopware/core, shopware/platform
Source: github
Published: about 2 years ago

High

GSA_kwCzR0hTQS03Z203LThxOHYtOWdmMs0_qg

Server-Side Request Forgery (SSRF) in Shopware
Ecosystems: packagist
Packages: shopware/core, shopware/platform
Source: github
Published: about 2 years ago

Critical

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJwODktNWYyMi04cXZm

Exposure of Sensitive Information to an Unauthorized Actor
Ecosystems: packagist
Packages: shopware/platform
Source: github
Published: over 2 years ago

High

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZncjgtYzNtNS1tdnJn

Exposure of Sensitive Information to an Unauthorized Actor
Ecosystems: packagist
Packages: shopware/platform
Source: github
Published: over 2 years ago

Moderate

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI0M3EtZzlqMy1xZjZy

non-admin users can create integration role with administrator role
Ecosystems: packagist
Packages: shopware/core, shopware/platform
Source: github
Published: almost 3 years ago

Low

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc3dzgtcHA5dy03cDMy

Creation of order credits was not validated by acl in admin orders
Ecosystems: packagist
Packages: shopware/core, shopware/platform
Source: github
Published: almost 3 years ago

Moderate

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdxM3ItandycS14ZzZ3

Canceling of orders not related to the logged-in user
Ecosystems: packagist
Packages: shopware/core, shopware/platform
Source: github
Published: almost 3 years ago

Low

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXF2YzUtY2Zyci0zODR2

RCE in Third Party Library in Shopware
Ecosystems: packagist
Packages: shopware/core, shopware/platform
Source: github
Published: over 3 years ago

Low

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg5cTgtNWd2Mi12Nm1n

Potential Session Hijacking
Ecosystems: packagist
Packages: shopware/platform
Source: github
Published: about 3 years ago

Critical

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWYydnYtaDV4NC01N2dy

Leak of information via Store-API
Ecosystems: packagist
Packages: shopware/platform
Source: github
Published: about 3 years ago

Low

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWp2ZzQtOXJjMi13dmNy

Generation of fake documents via public GET-call
Ecosystems: packagist
Packages: shopware/platform
Source: github
Published: about 3 years ago

Moderate

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTh4djktcWNyOS13dzlq

Authenticated XML External Entity Processing
Ecosystems: packagist
Packages: shopware/core, shopware/platform
Source: github
Published: over 3 years ago

Low

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXF2aHItNTVoZy0zcXd2

Non-persistent XSS in the Storefront in Shopware
Ecosystems: packagist
Packages: shopware/core, shopware/platform
Source: github
Published: over 3 years ago

High

GSA_kwCzR0hTQS1yNHBoLW14NjcteDU4cM4AAleY

Shopware database password is leaked to an unauthenticated users
Ecosystems: packagist
Packages: shopware/platform, shopware/shopware, shopware/core
Source: github
Published: almost 2 years ago

High

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhoNTUtMmZxcC1wNzc1

Command injection in mail agent settings
Ecosystems: packagist
Packages: shopware/core, shopware/platform
Source: github
Published: over 2 years ago

Moderate

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU0Z3AtcWZmOC05NDZj

Insecure direct object reference of log files of the Import/Export feature
Ecosystems: packagist
Packages: shopware/core, shopware/platform
Source: github
Published: over 2 years ago

Moderate

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdwbWgtZzk0Zy1xcmhy

Internal hidden fields are visible on to many associations in admin api
Ecosystems: packagist
Packages: shopware/core, shopware/platform
Source: github
Published: almost 3 years ago

High

GSA_kwCzR0hTQS01dm1nLXg5OWctMzk2cc4AAld_

Shopware vulnerable to SSRF
Ecosystems: packagist
Packages: shopware/platform
Source: github
Published: almost 2 years ago

Critical

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFnN2MtcTN2cS1yZ3hy

Leak of information via Store-API aggregations in shopware/platform and shopware/core
Ecosystems: packagist
Packages: shopware/platform, shopware/core
Source: github
Published: about 3 years ago

Moderate

GSA_kwCzR0hTQS01Mjk3LXdycnAtcmNqN84AA6ui

Shopware Improper Session Handling in store-api account logout
Ecosystems: packagist
Packages: shopware/platform, shopware/core
Source: github
Published: 21 days ago

Moderate

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBqajQtampnYy1oM3I4

Authenticated remote code execution
Ecosystems: packagist
Packages: shopware/platform
Source: github
Published: about 3 years ago

Moderate

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM3dmctdzhxOC1jM3dm

Session Fixation
Ecosystems: packagist
Packages: shopware/platform
Source: github
Published: over 2 years ago

Low

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThwZmgtbW0yZy1obWMz

Authenticated Server Side Request Forgery
Ecosystems: packagist
Packages: shopware/core, shopware/platform
Source: github
Published: over 3 years ago

Low

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNxNmgtdzNtYy01N2Y0

Information exposure via query strings in URL
Ecosystems: packagist
Packages: shopware/core, shopware/platform
Source: github
Published: over 3 years ago

Low

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVxNTgteDVoMi12NXJ4

Authenticated Privilege Escalation
Ecosystems: packagist
Packages: shopware/core, shopware/platform
Source: github
Published: over 3 years ago

High

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZyZjIteGdoci1qNTJ2

Private files publicly accessible with Cloud Storage providers
Ecosystems: packagist
Packages: shopware/core, shopware/platform
Source: github
Published: almost 3 years ago

Critical

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg4cmMtM3A5OC1yZ3Z4

After order payment process manipulation in shopware/platform and shopware/core
Ecosystems: packagist
Packages: shopware/core, shopware/platform
Source: github
Published: about 3 years ago

Moderate

GSA_kwCzR0hTQS1meGYzLXd4M2MtNzZwZs4AAleW

Shopware vulnerable to Cross-site Scripting
Ecosystems: packagist
Packages: shopware/platform
Source: github
Published: almost 2 years ago

Moderate

GSA_kwCzR0hTQS00Nmg3LXZqN3gtZnhnMs4AAxG8

Shopware has Improper Input Validation issue in newsletter subscription
Ecosystems: packagist
Packages: shopware/core, shopware/platform
Source: github
Published: over 1 year ago

Low

GSA_kwCzR0hTQS01OXFnLTkzamctMjM2Zs4AAxG7

Shopware has Insufficient Session Expiration in Administration
Ecosystems: packagist
Packages: shopware/core, shopware/platform
Source: github
Published: over 1 year ago

Low

GSA_kwCzR0hTQS03Y3A3LWpmcDYtamg0Zs4AAxFz

Shopware's log module vulnerable to Improper Output Neutralization
Ecosystems: packagist
Packages: shopware/core, shopware/platform
Source: github
Published: over 1 year ago

Critical

GSA_kwCzR0hTQS05M2N3LWY1amoteDg1d84AAxBk

Shopware vulnerable to Improper Control of Generation of Code in Twig rendered views
Ecosystems: packagist
Packages: shopware/core, shopware/platform
Source: github
Published: over 1 year ago

Moderate

GSA_kwCzR0hTQS04cjZoLW03MnYtMzhmZ84AAxBj

Shopware vulnerable to Improper Input Validation of Clearance sale in cart
Ecosystems: packagist
Packages: shopware/core, shopware/platform
Source: github
Published: over 1 year ago

Moderate

GSA_kwCzR0hTQS02d3JoLTI3OWotNmh2d80xMQ

HTTP caching is marking private HTTP headers as public in Shopware
Ecosystems: packagist
Packages: shopware/storefront, shopware/core, shopware/platform
Source: github
Published: about 2 years ago

Low

GSA_kwCzR0hTQS13MjY3LW05YzQtODU1Nc0xLw

Shopware user session is not logged out if the password is reset via password recovery
Ecosystems: packagist
Packages: shopware/core, shopware/platform
Source: github
Published: about 2 years ago

Critical

GSA_kwCzR0hTQS1xbXA5LTJ4d2otbTZtOc4AA4ie

Blind SQL injection in shopware
Ecosystems: packagist
Packages: shopware/platform, shopware/core
Source: github
Published: 3 months ago

Moderate

GSA_kwCzR0hTQS0zODY3LWpjNWMtNjZxZs4AA4if

Broken Access Control order API in Shopware
Ecosystems: packagist
Packages: shopware/platform, shopware/core
Source: github
Published: 3 months ago

Moderate

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY4djktM2pqcS1ydnA0

Exposure of Sensitive Information to an Unauthorized Actor
Ecosystems: packagist
Packages: shopware/platform
Source: github
Published: over 2 years ago

Moderate

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA2OTYtZ2Y1OC05dzk3

Missing Authentication for Critical Function
Ecosystems: packagist
Packages: shopware/platform
Source: github
Published: almost 3 years ago

Low

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA2OHYtZnJneC00cmpw

Denial of Service via Cache Flooding
Ecosystems: packagist
Packages: shopware/core, shopware/platform
Source: github
Published: over 3 years ago

Moderate

GSA_kwCzR0hTQS05NTJwLWZxY3AtZzhwY80xMA

HTML injection possibility in voucher code form in Shopware
Ecosystems: packagist
Packages: shopware/storefront, shopware/core, shopware/platform
Source: github
Published: about 2 years ago

Moderate

GSA_kwCzR0hTQS1qcDZoLW14aHgtcGdxaM0xLg

Shopware guest session is shared between customers
Ecosystems: packagist
Packages: shopware/storefront, shopware/platform
Source: github
Published: about 2 years ago

High

GSA_kwCzR0hTQS03djJ2LTlybTQtN204Zs4AAy1O

Improper Control of Generation of Code in Twig rendered views
Ecosystems: packagist
Packages: shopware/core, shopware/platform
Source: github
Published: about 1 year ago

Critical

GSA_kwCzR0hTQS1yNjRtLXFjaGotaHJqcM0YFg

Webcache Poisoning in shopware/platform and shopware/core
Ecosystems: packagist
Packages: shopware/platform, shopware/core
Source: github
Published: over 2 years ago