A local file inclusion vulnerability has been reported in Shopware. This vulnerability is due to insufficient input validation in the getTemplateName() method. A remote unauthenticated attacker could exploit this vulnerability by sending a crafted request to the target server. Successful exploitation could lead to information disclosure and achieve arbitrary code execution.