Filter
AND
AND
Adobe Magento CommerceAdobe Commerce Improper Access Control Privilege escalation
8.8
First published (updated )
Adobe Magento CommerceAdobe Commerce Improper Limitation of a Pathname to a Restricted Directory Arbitrary code execution
8.8
First published (updated )
Adobe CommerceMagento Commerce GraphQL Improper Input Validation Could Lead To Denial Of Service
7.5
First published (updated )
Adobe CommerceMagento Commerce Authenticated Blind SSRF Could Lead To Remote Code Execution
8
First published (updated )
Adobe CommerceMagento Commerce Improper Input Validation During Checkout Process Could Lead To Privilege Escalation
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Adobe CommerceMagento Commerce Path Traversal In `theme[preview_image]` Parameter Could Lead To Remote Code Execution
7.2
First published (updated )
Adobe CommerceMagento Commerce Improper Input Validation Could Lead To Information Exposure and Privilege Escalation
8.8
First published (updated )
MagentoMagento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4…
7.2
First published (updated )
MagentoMagento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MagentoPRODSECBUG-2449: Remote code execution via local file delete and XSLT injection
7.2
First published (updated )
MagentoPRODSECBUG-2376: Remote code execution through crafted page layout and image data
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MagentoPRODSECBUG-2446: Remote code execution via custom layout update in create product functionality
8.8
First published (updated )
MagentoPRODSECBUG-2414: Remote code execution through custom layout update of the content management functi…
8.8
First published (updated )
MagentoPRODSECBUG-2407: Remote code execution due to unsafe PHP archieve deserialization in the import func…
7.2
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MagentoPRODSECBUG-2456: Broken authentication and session managememt
7.5
First published (updated )
MagentoPRODSECBUG-2332: Remote code execution through arbitrary file inclusion
8.8
First published (updated )
MagentoPRODSECBUG-2470: Remote Code Execution in email templates
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MagentoPRODSECBUG-2469: Remote Code Execution in email templates
8.8
First published (updated )
MagentoPRODSECBUG-2465: Bypass of user confirmation mechanism
7.5
First published (updated )
composer/magento/community-editionInfoleak, Input Validation
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.