Filter
AND
Versions
MagentoMagento Commerce Failure To Invalidate User Session Could Lead To Unauthorized Access
7.5
First published (updated )
Adobe CommerceMagento Commerce Improper Input Validation During Checkout Process Could Lead To Privilege Escalation
7.5
First published (updated )
MagentoMagento Commerce insecure storage of sensitive documentation
7.5
First published (updated )
Adobe CommerceMagento Commerce Path Traversal In `theme[preview_image]` Parameter Could Lead To Remote Code Execution
7.2
First published (updated )
Adobe Magento CommerceAdobe Commerce Improper Limitation of a Pathname to a Restricted Directory Arbitrary code execution
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Adobe CommerceMagento Commerce Improper Input Validation Could Lead To Information Exposure and Privilege Escalation
8.8
First published (updated )
Adobe Magento CommerceAdobe Commerce Improper Access Control Privilege escalation
8.8
First published (updated )
Adobe CommerceMagento Commerce Authenticated Blind SSRF Could Lead To Remote Code Execution
8
First published (updated )
MagentoMagento Commerce Failure To Invalidate User Session Could Lead To Unauthorized Access
7.5
First published (updated )
Adobe CommerceMagento Commerce GraphQL Improper Input Validation Could Lead To Denial Of Service
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MagentoMagento Commerce Stored Cross-site Scripting Could Lead To Arbitrary Javascript Execution
8.1
First published (updated )
Adobe Magento Commerce[CVE-2021-36032] Magento IDOR Leads to Account Takeover
8.8
First published (updated )
MagentoMagento Commerce CMS Page Improper Input Validation Could Lead To Remote Code Execution
7.2
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MagentoPRODSECBUG-2376: Remote code execution through crafted page layout and image data
8.8
First published (updated )
MagentoPRODSECBUG-2446: Remote code execution via custom layout update in create product functionality
8.8
First published (updated )
MagentoPRODSECBUG-2407: Remote code execution due to unsafe PHP archieve deserialization in the import func…
7.2
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MagentoIn Magento prior to 1.9.4.3, and Magento prior to 1.14.4.3, an authenticated user with administrativ…
7.2
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MagentoPRODSECBUG-2449: Remote code execution via local file delete and XSLT injection
7.2
First published (updated )
MagentoPRODSECBUG-2414: Remote code execution through custom layout update of the content management functi…
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.