| CVE-2022-35692 |
unknown |
— |
— |
4y ago |
Magento Open Source has Improper Access Control vulnerability |
|
| CVE-2021-36027 |
unknown |
— |
— |
4y ago |
Magento stored cross-site scripting vulnerability |
|
| CVE-2021-36026 |
unknown |
— |
— |
4y ago |
Magento stored cross-site scripting vulnerability in the customer address upload feature |
|
| CVE-2021-39864 |
unknown |
— |
— |
4y ago |
Magento Open Source allows Cross-Site Request Forgery (CSRF) |
|
| CVE-2021-28567 |
unknown |
— |
— |
4y ago |
Magento Improper Authorization vulnerability in the customers module |
|
| CVE-2021-36012 |
unknown |
— |
— |
4y ago |
Magento affected by a business logic error in the placeOrder graphql mutation |
|
| CVE-2021-36020 |
unknown |
— |
— |
4y ago |
Magento XML Injection vulnerability in the 'City' field |
|
| CVE-2021-36022 |
unknown |
— |
— |
4y ago |
Magento XML Injection vulnerability in the Widgets Update Layout |
|
| CVE-2021-36029 |
unknown |
— |
— |
4y ago |
Magento improper authorization vulnerability |
|
| CVE-2021-36025 |
unknown |
— |
— |
4y ago |
Magento is affected by an improper input validation vulnerability while saving a customer's details |
|
| CVE-2021-36024 |
unknown |
— |
— |
4y ago |
Magento is affected by an os command injection via the Data collection endpoint |
|
| CVE-2021-36033 |
unknown |
— |
— |
4y ago |
Magento XML Injection vulnerability in the Widgets Module |
|
| CVE-2021-36032 |
unknown |
— |
— |
4y ago |
Magento is affected by an improper input validation vulnerability |
|
| CVE-2021-36031 |
unknown |
— |
— |
4y ago |
Magento Path Traversal vulnerability via the `theme[preview_image]` parameter |
|
| CVE-2021-36030 |
unknown |
— |
— |
4y ago |
Magento allows attackers to alter the price of items |
|
| CVE-2021-36028 |
unknown |
— |
— |
4y ago |
Magento has an XML Injection vulnerability |
|
| CVE-2021-36034 |
unknown |
— |
— |
4y ago |
Magento affected by remote code execution via a file upload |
|
| CVE-2021-36043 |
unknown |
— |
— |
4y ago |
Magento affected by a blind SSRF vulnerability in the bundled dotmailer extension |
|
| CVE-2021-36042 |
unknown |
— |
— |
4y ago |
Magento executes code via the API File Option Upload Extension |
|
| CVE-2021-36041 |
unknown |
— |
— |
4y ago |
Magento vulnerable to file upload attack |
|
| CVE-2021-36040 |
unknown |
— |
— |
4y ago |
Magento has a file extension restrictions bypass |
|
| CVE-2021-36039 |
unknown |
— |
— |
4y ago |
Magento discloses sensitive information |
|
| CVE-2021-36038 |
unknown |
— |
— |
4y ago |
Magento discloses sensitive information via the Multishipping Module |
|
| CVE-2021-36037 |
unknown |
— |
— |
4y ago |
Magento is affected by an improper authorization vulnerability |
|
| CVE-2021-36044 |
unknown |
— |
— |
4y ago |
Magento affected by a server-side denial-of-service using a GraphQL field |
|
| CVE-2021-28556 |
unknown |
— |
— |
4y ago |
Magento DOM-based Cross-Site Scripting vulnerability on mage-messages cookies |
|
| CVE-2021-28583 |
unknown |
— |
— |
4y ago |
Magento Violation of Secure Design Principles vulnerability in RMA PDF filename formats |
|
| CVE-2021-28585 |
unknown |
— |
— |
4y ago |
Magento Improper input validation vulnerability |
|
| CVE-2021-28584 |
unknown |
— |
— |
4y ago |
Magento Path Traversal vulnerability |
|
| CVE-2021-21031 |
unknown |
— |
— |
4y ago |
Magento Insufficient Session Expiration |
|
| CVE-2021-21030 |
unknown |
— |
— |
4y ago |
Magento stored cross-site scripting (XSS) in the customer address upload feature |
|
| CVE-2021-21027 |
unknown |
— |
— |
4y ago |
Magento cross-site request forgery (CSRF) vulnerability via the GraphQL API |
|
| CVE-2021-21026 |
unknown |
— |
— |
4y ago |
Magento improper authorization vulnerability in the integrations module |
|
| CVE-2021-21032 |
unknown |
— |
— |
4y ago |
Magento Insufficient Session Expiration |
|
| CVE-2021-21023 |
unknown |
— |
— |
4y ago |
Magento stored cross-site scripting vulnerability in the admin console |
|
| CVE-2021-21022 |
unknown |
— |
— |
4y ago |
Magento Insecure Direct Object Reference (IDOR) in the product module |
|
| CVE-2021-21020 |
unknown |
— |
— |
4y ago |
Magento Improper Access Control |
|
| CVE-2021-21025 |
unknown |
— |
— |
4y ago |
Magento XPath Injection |
|
| CVE-2021-21014 |
unknown |
— |
— |
4y ago |
Magento vulnerable to a file upload restriction bypass |
|
| CVE-2021-21016 |
unknown |
— |
— |
4y ago |
Magento OS command injection via the WebAPI |
|
| CVE-2020-24407 |
unknown |
— |
— |
4y ago |
Magento 2 Community Edition RCE via Unsafe File Upload |
|
| CVE-2020-24402 |
unknown |
— |
— |
4y ago |
Magento incorrect permissions vulnerability in the Integrations component |
|
| CVE-2020-24401 |
unknown |
— |
— |
4y ago |
Magento 2 Community Edition Incorrect Authorization |
|
| CVE-2020-24403 |
unknown |
— |
— |
4y ago |
Magento incorrect user permissions vulnerability within the Inventory component |
|
| CVE-2020-9691 |
unknown |
— |
— |
4y ago |
Magento DOM-based Cross-site scripting vulnerability |
|
| CVE-2020-9689 |
unknown |
— |
— |
4y ago |
Magento path traversal vulnerability |
|
| CVE-2020-9632 |
unknown |
— |
— |
4y ago |
Magento security mitigation bypass vulnerability |
|
| CVE-2020-9630 |
unknown |
— |
— |
4y ago |
Magento business logic error vulnerability |
|
| CVE-2020-9631 |
unknown |
— |
— |
4y ago |
Magento security mitigation bypass vulnerability |
|
| CVE-2020-9585 |
unknown |
— |
— |
4y ago |
Magento Defense-in-depth security mitigation vulnerability |
|
| CVE-2020-9587 |
unknown |
— |
— |
4y ago |
Magento authorization bypass vulnerability |
|
| CVE-2020-9582 |
unknown |
— |
— |
4y ago |
Magento command injection vulnerability |
|
| CVE-2020-9583 |
unknown |
— |
— |
4y ago |
Magento command injection vulnerability |
|
| CVE-2020-9584 |
unknown |
— |
— |
4y ago |
Magento Stored cross-site scripting |
|
| CVE-2020-9588 |
unknown |
— |
— |
4y ago |
Magento Signature verification bypass |
|
| CVE-2020-9577 |
unknown |
— |
— |
4y ago |
Magento stored cross-site scripting vulnerability |
|
| CVE-2020-9581 |
unknown |
— |
— |
4y ago |
Magento stored cross-site scripting vulnerability |
|
| CVE-2020-9580 |
unknown |
— |
— |
4y ago |
Magento Security mitigation bypass vulnerability |
|
| CVE-2020-9578 |
unknown |
— |
— |
4y ago |
Magento command injection vulnerability |
|
| CVE-2020-9576 |
unknown |
— |
— |
4y ago |
Magento command injection vulnerability |
|
| CVE-2019-8114 |
unknown |
— |
— |
4y ago |
Magento 2 Community Edition RCE Vulnerability |
|