Exposición de Magento
CMS, Ecommerce312
score de exposición
34.078
sitios usan
2
en explotación
28
críticos
CVEs
285 resultadosCVE-2021-28566LOWMagento Commerce information disclosure during upload action leveraging a specially crafted fileEPSS 1.4%CVE-2021-36027MEDIUMMagento Commerce Stored Cross-site Scripting VulnerabilityEPSS 1.4%CVE-2021-39217HIGHOpenMage LTS arbitrary command execution in custom layout update through blocksEPSS 1.3%CVE-2021-32759HIGHData Flow Sanitation Issue FixEPSS 1.3%CVE-2021-41143HIGHOpenMage LTS arbitrary file deletion in customer media allows for remote code executionEPSS 1.3%CVE-2019-8158—An XPath entity injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An attacker can craftEPSS 1.3%CVE-2019-8127—A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with privEPSS 1.3%CVE-2019-7871—A security bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 that could be abused to execEPSS 1.3%CVE-2020-15244HIGHRCE in MagentoEPSS 1.2%CVE-2019-8121—An insecure component vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. Magento EPSS 1.2%CVE-2019-8136—An insecure component vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. Magento 2 codebase leveraEPSS 1.2%CVE-2021-41231HIGHOpenMage LTS DataFlow upload remote code execution vulnerabilityEPSS 1.2%CVE-2023-29297CRITICALAdmin-to-admin stored XSS via cache poisoningEPSS 1.2%CVE-2019-7881—A cross-site scripting mitigation bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. ThisEPSS 1.2%CVE-2021-21426CRITICALFixes a bug in Zend Framework's Stream HTTP WrapperEPSS 1.2%CVE-2019-7951—An information leakage vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. A SOAP wEPSS 1.2%CVE-2019-7886—A cryptograhic flaw exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. A weak cryptograhic mechaEPSS 1.2%CVE-2019-7860—A cryptographically weak pseudo-rando number generator is used in multiple security relevant contexts in Magento 2.1 prior to 2.1.18, MagentEPSS 1.2%CVE-2019-7928—A denial-of-service (DoS) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. By abEPSS 1.2%CVE-2019-7915—A denial-of-service vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. Under certaEPSS 1.2%
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →