VIR Vulnerability Intelligence Relay

Package impact

php Packagist / magento/community-edition

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2024-34102 unknown 1.5 2y ago Adobe Commerce and Magento Open Source contain an improper restriction of XML external entity reference (XXE) vulnerability that allows for remote code execution. php
CVE-2022-24086 unknown 1.5 4y ago Adobe Commerce and Magento Open Source contain an improper input validation vulnerability which can allow for arbitrary code execution. php
CVE-2025-54266 unknown 8mo ago Magento vulnerable to stored Cross-Site Scripting (XSS) php
CVE-2025-54263 unknown 8mo ago Magento provides incorrect authorization through a security feature bypass php
CVE-2025-54264 unknown 8mo ago Magento vulnerable to stored Cross-Site Scripting (XSS) php
CVE-2025-54267 unknown 8mo ago Magento vulnerable to privilege escalation due to incorrect authorization php
CVE-2025-49559 unknown 10mo ago Magento vulnerable to path traversal php
CVE-2025-49556 unknown 10mo ago Magento has incorrect authorization issue that leads to arbitrary file system read php
CVE-2025-49555 unknown 10mo ago Magento Cross-Site Request Forgery (CSRF) vulnerability php
CVE-2025-49554 unknown 10mo ago Magento vulnerable to denial of service php
CVE-2025-49558 unknown 10mo ago Magento Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability php
CVE-2025-49557 unknown 10mo ago Magento Cross-site Scripting vulnerability php
CVE-2025-49549 unknown 11mo ago Magento Authenticated Security feature bypass php
CVE-2025-49550 unknown 11mo ago Magento Security feature bypass php
CVE-2025-47110 unknown 1y ago Magneto contains stored XSS vulnerability php
CVE-2025-43585 unknown 1y ago Magento Improper Authorization leading to security feature bypass php
CVE-2025-27206 unknown 1y ago Magento Improper Access Control leads to security feature bypass php
CVE-2025-27191 unknown 1y ago Magento Improper Access Control leads to Security feature bypass php
CVE-2025-27188 unknown 1y ago Magento Improper Authorization vulnerability php
CVE-2025-27192 unknown 1y ago Magento does not properly protect credentials php
CVE-2025-27190 unknown 1y ago Magento Improper Access Control leads to Security feature bypass php
CVE-2025-24434 unknown 1y ago Improper Authorization vulnerability in Magento and Adobe Commerce php
CVE-2025-24437 unknown 1y ago Magento Improper Access Control vulnerability php
CVE-2025-24435 unknown 1y ago Magento Improper Access Control vulnerability php
CVE-2025-24428 unknown 1y ago Magento stored Cross-Site Scripting (XSS) vulnerability php
CVE-2025-24438 unknown 1y ago Magento stored Cross-Site Scripting (XSS) vulnerability php
CVE-2025-24427 unknown 1y ago Magento Improper Access Control vulnerability php
CVE-2025-24429 unknown 1y ago Magento Improper Access Control vulnerability php
CVE-2025-24425 unknown 1y ago Magento Business Logic Error vulnerability php
CVE-2025-24436 unknown 1y ago Magento Improper Access Control vulnerability php
CVE-2025-24432 unknown 1y ago Magento Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability php
CVE-2025-24430 unknown 1y ago Magento Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability php
CVE-2025-24413 unknown 1y ago Magento Stored Cross-Site Scripting (XSS) Vulnerability php
CVE-2025-24408 unknown 1y ago Magento Information Exposure vulnerability php
CVE-2025-24406 unknown 1y ago Adobe Commerce Path Traversal php
CVE-2025-24421 unknown 1y ago Magento Incorrect Authorization vulnerability php
CVE-2025-24416 unknown 1y ago Magento Stored Cross-Site Scripting (XSS) Vulnerability php
CVE-2025-24414 unknown 1y ago Magento Stored Cross-Site Scripting (XSS) Vulnerability php
CVE-2025-24424 unknown 1y ago Magento Improper Access Control vulnerability php
CVE-2025-24417 unknown 1y ago Magento Stored Cross-Site Scripting (XSS) Vulnerability php
CVE-2025-24412 unknown 1y ago Magento Stored Cross-Site Scripting (XSS) Vulnerability php
CVE-2025-24415 unknown 1y ago Magento Stored Cross-Site Scripting (XSS) Vulnerability php
CVE-2025-24411 unknown 1y ago Magento Improper Access Control vulnerability php
CVE-2025-24410 unknown 1y ago Magento Stored Cross-Site Scripting (XSS) Vulnerability php
CVE-2025-24409 unknown 1y ago Adobe Commerce Improper Authorization vulnerability php
CVE-2024-45131 unknown 2y ago Magento Open Source Improper Authorization vulnerability php
CVE-2024-45134 unknown 2y ago Magento Open Source Information Exposure vulnerability php
CVE-2024-45149 unknown 2y ago Magento Open Source Improper Access Control vulnerability php
CVE-2024-45132 unknown 2y ago Magento Open Source Improper Authorization vulnerability php
CVE-2024-45135 unknown 2y ago Magento Open Source Improper Access Control vulnerability php
CVE-2024-45133 unknown 2y ago Magento Open Source Information Exposure vulnerability php
CVE-2024-45121 unknown 2y ago Magento Open Source Improper Access Control vulnerability php
CVE-2024-45125 unknown 2y ago Magento Open Source Incorrect Authorization vulnerability php
CVE-2024-45127 unknown 2y ago Magento Open Source stored Cross-Site Scripting (XSS) vulnerability php
CVE-2024-45123 unknown 2y ago Magento Open Source reflected Cross-Site Scripting (XSS) vulnerability php
CVE-2024-45122 unknown 2y ago Magento Open Source Improper Access Control vulnerability php
CVE-2024-45119 unknown 2y ago Magento Open Source Server-Side Request Forgery (SSRF) vulnerability php
CVE-2024-45120 unknown 2y ago Magento Open Source Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability php
CVE-2024-45129 unknown 2y ago Magento Open Source Improper Access Control vulnerability php
CVE-2024-45130 unknown 2y ago Magento Open Source Improper Access Control vulnerability php
CVE-2024-45116 unknown 2y ago Magento Open Source Cross-Site Scripting (XSS) vulnerability php
CVE-2024-45117 unknown 2y ago Magento Open Source Improper Input Validation vulnerability php
CVE-2024-45128 unknown 2y ago Magento Open Source Improper Authorization vulnerability php
CVE-2024-45118 unknown 2y ago Magento Open Source Improper Access Control vulnerability php
CVE-2024-45124 unknown 2y ago Magento Open Source Improper Access Control vulnerability php
CVE-2024-39415 unknown 2y ago Magento Improper Authorization Leading to Security feature bypass php
CVE-2024-39414 unknown 2y ago Magento Improper Access Control Leads to Privilege escalation php
CVE-2024-39419 unknown 2y ago Magento Improper Access Control Leads to Privilege escalation php
CVE-2024-39417 unknown 2y ago Magento Improper Authorization leads to Security feature bypass php
CVE-2024-39411 unknown 2y ago Magento Improper Authorization leads to security feature bypass php
CVE-2024-39418 unknown 2y ago Magento Improper Authorization vulnerability php
CVE-2024-39410 unknown 2y ago Magento Open Source Cross-Site Request Forgery (CSRF) vulnerability php
CVE-2024-39413 unknown 2y ago Magento Improper Authorization vulnerability php
CVE-2024-39408 unknown 2y ago Magento Open Source Cross-Site Request Forgery vulnerability php
CVE-2024-39407 unknown 2y ago Magento Improper Authorization vulnerability php
CVE-2024-39406 unknown 2y ago Magento Open Source Path Traversal vulnerability php
CVE-2024-39416 unknown 2y ago Magento Improper Authorization leads to Security feature bypass php
CVE-2024-39412 unknown 2y ago Magento Open Source Improper Authorization vulnerability php
CVE-2024-39409 unknown 2y ago Magento Open Source Cross-Site Request Forgery (CSRF) vulnerability php
CVE-2024-39401 unknown 2y ago Magento OS Command ('OS Command Injection') vulnerability php
CVE-2024-39404 unknown 2y ago Magento Improper Authorization vulnerability php
CVE-2024-39405 unknown 2y ago Magento Improper Authorization vulnerability php
CVE-2024-39402 unknown 2y ago Magento OS Command ('OS Command Injection') vulnerability php
CVE-2024-39398 unknown 2y ago Magento does not properly restrict excessive authentication attempts php
CVE-2024-39403 unknown 2y ago Magento Stored Cross-Site Scripting (XSS) vulnerability php
CVE-2024-39399 unknown 2y ago Magento Path Traversal vulnerability php
CVE-2024-39400 unknown 2y ago Magento DOM-based Cross-Site Scripting (XSS) vulnerability php
CVE-2024-34111 unknown 2y ago Magento Open Source Server-Side Request Forgery (SSRF) vulnerability php
CVE-2024-34106 unknown 2y ago Magento Open Source Incorrect Authorization vulnerability php
CVE-2024-34105 unknown 2y ago Magento Open Source Cross-Site Scripting (XSS) vulnerability php
CVE-2024-34104 unknown 2y ago Magento Open Source Improper Authorization vulnerability php
CVE-2024-34107 unknown 2y ago Magento Open Source Improper Access Control vulnerability php
CVE-2024-34103 unknown 2y ago Magento Open Source Improper Authentication vulnerability php
CVE-2024-20758 unknown 2y ago Magento Open Source allows Improper Input Validation php
CVE-2024-20759 unknown 2y ago Magento Open Source allows Cross-Site Scripting (XSS) php
CVE-2024-20718 unknown 2y ago Magento Open Source allows Cross-Site Request Forgery (CSRF) php
CVE-2024-20719 unknown 2y ago Magento Open Source allows Cross-Site Scripting (XSS) php
CVE-2024-20720 unknown 2y ago Magento Open Source allows OS Command Injection php
CVE-2024-20716 unknown 2y ago Magento Open Source allows Uncontrolled Resource Consumption php
CVE-2023-38251 unknown 3y ago Magento Open Source allows Uncontrolled Resource Consumption php