Exposición de Magento
CMS, Ecommerce312
score de exposición
34.078
sitios usan
2
en explotación
28
críticos
CVEs
285 resultadosCVE-2021-36044HIGHMagento Commerce GraphQL Improper Input Validation Could Lead To Denial Of ServiceEPSS 1.9%CVE-2019-8116—Insecure authentication and session management vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. EPSS 1.9%CVE-2019-7896—A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authEPSS 1.9%CVE-2019-7895—A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authEPSS 1.9%CVE-2019-7942—A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authEPSS 1.9%CVE-2019-8122—A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. An autEPSS 1.9%CVE-2019-8111—A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user cEPSS 1.9%CVE-2019-8110—A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user cEPSS 1.9%CVE-2019-8150—A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user wEPSS 1.9%CVE-2019-8137—A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user wEPSS 1.9%CVE-2021-28583HIGHMagento Commerce insecure storage of sensitive documentationEPSS 1.9%CVE-2019-8154—A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user wEPSS 1.9%CVE-2021-36043HIGHMagento Commerce Authenticated Blind SSRF Could Lead To Remote Code ExecutionEPSS 1.9%CVE-2019-8235—An insecure direct object reference (IDOR) vulnerability exists in Magento 2.3 prior to 2.3.1, 2.2 prior to 2.2.8, and 2.1 prior to 2.1.17 vEPSS 1.9%CVE-2022-34256HIGHAdobe Commerce Improper Authorization Privilege escalationEPSS 1.9%CVE-2019-8119—A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. An autEPSS 1.9%CVE-2019-8114—A remote code execution vulnerability exists in Magento 1 prior to 1.9.4.3 and 1.14.4.3, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2EPSS 1.9%CVE-2020-3715—Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a stored cross-site scripting vulEPSS 1.8%CVE-2020-3758—Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a stored cross-site scripting vulEPSS 1.8%CVE-2021-21026MEDIUMMagento Commerce Incorrect permissions Could Lead To Unauthorized AccessEPSS 1.8%
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →