Vulnerabilidades em sylius
25 resultadosCVE-2020-15146CRITICALRemote Code Execution in SyliusResourceBundleEPSS 2.1%CVE-2020-15143HIGHRemote Code Execution in SyliusResourceBundleEPSS 1.9%CVE-2021-41120HIGHUnauthorized access to Credit card form in sylius/paypal-pluginEPSS 1.5%CVE-2022-24752CRITICALSQL Injection through sorting parameters in SyliusGridBundleEPSS 1.3%CVE-2022-24743HIGHInsufficient Session Expiration in SyliusEPSS 1.2%CVE-2022-24749MEDIUMBasic Cross-site Scripting and Unrestricted Upload of File with Dangerous Type in SyliusEPSS 1.1%CVE-2021-32720MEDIUMList of order ids, number, items total and token value exposed for unauthorized uses via new APIEPSS 0.9%CVE-2022-24733MEDIUMImproper Restriction of Rendered UI Layers or Frames in SyliusEPSS 0.9%CVE-2022-24742MEDIUMExposure of Sensitive Information Due to Incompatible Policies in SyliusEPSS 0.8%CVE-2019-16768LOWInternal exception message exposure for login action in SyliusEPSS 0.7%CVE-2020-5220MEDIUMAbility to expose data in Sylius by using an unintended serialisation groupEPSS 0.7%CVE-2020-15245MEDIUMEmail verification bypass in SyliusEPSS 0.6%CVE-2020-5218MEDIUMAbility in Sylius to switch channels via GET parameter enabled in production environmentsEPSS 0.6%CVE-2025-29788MEDIUMSylius PayPal Plugin Payment Amount Manipulation VulnerabilityEPSS 0.5%CVE-2024-34349MEDIUMSylius potentially vulnerable to Cross Site Scripting via "Name" field (Taxons, Products, Options, Variants) in Admin PanelEPSS 0.4%CVE-2024-40633MEDIUMCustomer data leak via adjustments API endpoint in SyliusEPSS 0.4%CVE-2025-30152MEDIUMSylius PayPal Plugin has an Order Manipulation Vulnerability after PayPal CheckoutEPSS 0.3%CVE-2026-31820HIGHSylius affected by IDOR in Cart and Checkout LiveComponentsEPSS 0.3%CVE-2021-3841MEDIUMStored Cross-site Scripting (XSS) in sylius/syliusEPSS 0.2%CVE-2026-31825MEDIUMSylius has a DQL Injection via API Order FiltersEPSS 0.2%