Composer · packagist.org
o3-shop/shop-ce
Php Remote Include: include/require pulls code from an http(s) URL — remote code injection primitive.
Why PkgRadar flagged v1.6.1-RC9
| Severity | Signal | Evidence |
|---|---|---|
| high | Php Remote Include | include/require pulls code from an http(s) URL — remote code injection primitive. · o3-shop-shop-ce-f7ca3e9/tests/Unit/Internal/Transition/Adapter/TemplateLogic/ScriptLogicTest.php |
| medium | Remote Payload | matched "cUrl " · o3-shop-shop-ce-f7ca3e9/source/Application/Controller/Admin/ShopSeo.php |
| medium | Remote Payload | matched "cUrl " · o3-shop-shop-ce-f7ca3e9/source/Application/Model/Article.php |
| medium | Remote Payload | matched "cURL " · o3-shop-shop-ce-f7ca3e9/source/Application/translations/de/lang.php |
| medium | Remote Payload | matched "cURL " · o3-shop-shop-ce-f7ca3e9/source/Application/translations/en/lang.php |
| medium | Remote Payload | matched "cURL " · o3-shop-shop-ce-f7ca3e9/source/Application/views/admin/de/lang.php |
| medium | Remote Payload | matched "cURL " · o3-shop-shop-ce-f7ca3e9/source/Application/views/admin/en/lang.php |
| medium | Remote Payload | matched "cUrl " · o3-shop-shop-ce-f7ca3e9/source/Core/Smarty/Plugin/function.oxgetseourl.php |
| medium | Remote Payload | matched "curl " · o3-shop-shop-ce-f7ca3e9/source/Internal/Framework/UpdateCheck/UpdateCheckService.php |
| medium | Remote Payload | matched "cUrl " · o3-shop-shop-ce-f7ca3e9/source/Internal/Transition/Adapter/TemplateLogic/SeoUrlLogic.php |
| medium | Remote Payload | matched "curl " · o3-shop-shop-ce-f7ca3e9/tests/Integration/Core/DynImgGeneratorTest.php |
| medium | Remote Payload | matched "curl " · o3-shop-shop-ce-f7ca3e9/tests/Integration/OnlineInfo/OnlineLicenseCheckRequestFormationTest.php |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v1.6.1-RC9 | High risk | 75 | 2026-05-30 |
Block this in CI
pkgradar gate --ecosystem composer o3-shop/[email protected]