Filter
Software
Adobe CommerceAdobe Commerce and Magento Open Source Improper Input Validation Vulnerability
First published (updated )
Magento MagentoMagento Commerce Failure To Invalidate User Session Could Lead To Unauthorized Access
7.5
First published (updated )
Adobe CommerceAdobe Commerce Improper Access Control Security feature bypass
5.3
First published (updated )
Magento MagentoMagento Commerce Cross-Site Request Forgery (CSRF) Could Lead To Unauthorized Data Modification
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Adobe CommerceAdobe Commerce Stored XSS Arbitrary code execution
6.1
First published (updated )
Magento MagentoMagento Commerce insecure storage of sensitive documentation
7.5
First published (updated )
Magento MagentoStored XSS in customer address upload feature
6.1
First published (updated )
Adobe CommerceAdobe Commerce Improper Limitation of a Pathname to a Restricted Directory Arbitrary code execution
8.8
First published (updated )
Magento MagentoMagento Commerce Blind SQL Injection Could Lead To Unauthorized Access
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
composer/magento/community-editionMagento Commerce improper authorization allows an authenticated user to perform certain functions without permission
6.5
First published (updated )
Magento MagentoMagento Commerce XML Injection Could Lead To Remote Code Execution
9.1
First published (updated )
Magento MagentoMagento Commerce DOM-based cross-site scripting (XSS) could lead to arbitrary javascript execution
6.9
First published (updated )
Adobe CommerceAdobe Commerce Improper Authorization Privilege escalation
9.8
First published (updated )
Magento MagentoMagento Commerce Improper Access Control Vulnerability
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Adobe CommerceAdobe Commerce Improper Access Control Privilege escalation
8.8
First published (updated )
Magento MagentoMagnto Commerce Unauthorized Data Modification Could Lead To Arbitrary Code Execution
9.1
First published (updated )
Magento MagentoMagento Commerce Arbitrary Folder Empty Could Lead To Arbitrary Code Execution
9.1
First published (updated )
Magento MagentoMagento Commerce Reflected Cross-site Scripting Vulnerability Could Lead To Arbitrary JavaScript Execution
4.8
First published (updated )
Magento MagentoIncorrect permissions in Inventory module could lead to unauthorized modification of inventory stock data
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Magento MagentoMagento Commerce Unauthorized Data Modification Could Lead to Arbitrary Code Execution
9.1
First published (updated )
Magento MagentoMagento Commerce Failure To Invalidate User Session Could Lead To Unauthorized Access
7.5
First published (updated )
Magento MagentoMagento Commerce improper Authorization via the 'Create Customer' endpoint
6.5
First published (updated )
Magento MagentoMagento Commerce Stored Cross-site Scripting Could Lead To Arbitrary Javascript Execution
8.1
First published (updated )
Magento MagentoIncorrect permissions in the Integrations component could lead to unauthorized deletion of customer details via REST API
5.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Magento MagentoMagento Commerce XML Injection Could Lead To Arbitrary Code Execution
9.1
First published (updated )
Magento MagentoMagento Commerce Incorrect permissions Could Lead To Unauthorized Access
5.3
First published (updated )
Adobe CommerceAdobe Commerce Stored XSS Arbitrary code execution
5.5
First published (updated )
Magento MagentoMagento Commerce improper input validation in customer customer webapi
5.3
First published (updated )
Adobe Commerce[CVE-2021-36032] Magento IDOR Leads to Account Takeover
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.