Magento Exposure
CMS, Ecommerce
Exposure score: 312
Sites using it: 34,078
In exploitation: 2
Critical: 28
CVEs
285 results

| CVE | Severity | Description | EPSS |
|---|---|---|---|
| CVE-2020-9584 | — | Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a stored cross-site sc | 1.2% |
| CVE-2022-35689 | MEDIUM | Adobe Commerce Improper Access Control Security feature bypass | 1.2% |
| CVE-2019-8108 | — | Insecure authentication and session management vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 1.2% |
| CVE-2021-41144 | HIGH | OpenMage LTS authenticated remote code execution through layout update | 1.2% |
| CVE-2019-7929 | — | An information leakage vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authe | 1.2% |
| CVE-2019-7849 | — | A defense-in-depth check was added to mitigate inadequate session validation handling by 3rd party checkout modules. This impacts Magento 1. | 1.2% |
| CVE-2019-7854 | — | An insecure direct object reference (IDOR) vulnerability in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2. | 1.1% |
| CVE-2019-8093 | — | An arbitrary file access vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user | 1.1% |
| CVE-2021-21427 | CRITICAL | Backport for CVE-2021-21024 Blind SQLi from Magento 2 | 1.1% |
| CVE-2019-7939 | — | A reflected cross-site scripting vulnerability exists on the customer cart checkout page of Magento 2.1 prior to 2.1.18, Magento 2.2 prior t | 1.0% |
| CVE-2019-8130 | — | A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. A user with store manipulation | 1.0% |
| CVE-2019-8134 | — | A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. A user with marketing privilege | 1.0% |
| CVE-2019-8133 | — | A security bypass vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. A user with privileges to gen | 1.0% |
| CVE-2023-29291 | MEDIUM | Server Side Request Forgery (SSRF) in USPS carrier integration configuration | 1.0% |
| CVE-2023-23617 | MEDIUM | OpenMage LTS has DoS vulnerability in MaliciousCode filter | 1.0% |
| CVE-2019-7855 | — | A cryptographic flaw in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 could be abused by an unauthentic | 1.0% |
| CVE-2019-8124 | — | An insufficient logging and monitoring vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior t | 1.0% |
| CVE-2023-22250 | MEDIUM | Adobe Commerce Improper Access Control Security feature bypass | 1.0% |
| CVE-2019-7888 | — | An information disclosure vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An au | 0.9% |
| CVE-2020-15151 | HIGH | Observable Timing Discrepancy in OpenMage LTS | 0.9% |