Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
adobe commerce 2.4.5 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2023-29296
Adobe Commerce versions 2.4.6 (and previous versions), 2.4.5-p2 (and previous versions) and 2.4.4-p3 (and previous versions) are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vuln...
Adobe Commerce 2.3.7
Adobe Commerce 2.4.3
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce 2.4.6
Adobe Magento 2.4.4
Adobe Magento 2.4.5
Adobe Magento 2.4.6
Adobe Commerce 2.4.0
Adobe Commerce 2.4.1
Adobe Commerce 2.4.2
7.2
CVSSv3
CVE-2023-29297
Adobe Commerce versions 2.4.6 (and previous versions), 2.4.5-p2 (and previous versions) and 2.4.4-p3 (and previous versions) are affected by a Improper Neutralization of Special Elements Used in a Template Engine vulnerability that could lead to arbitrary code execution by an adm...
Adobe Commerce 2.3.7
Adobe Commerce 2.4.3
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce 2.4.6
Adobe Magento 2.4.4
Adobe Magento 2.4.5
Adobe Magento 2.4.6
Adobe Commerce 2.4.0
Adobe Commerce 2.4.1
Adobe Commerce 2.4.2
7.5
CVSSv3
CVE-2023-38207
Adobe Commerce versions 2.4.6-p1 (and previous versions), 2.4.5-p3 (and previous versions) and 2.4.4-p4 (and previous versions) are affected by a XML Injection (aka Blind XPath Injection) vulnerability that could lead in minor arbitrary file system read. Exploitation of this issu...
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce
Adobe Commerce 2.4.6
7.2
CVSSv3
CVE-2023-38208
Adobe Commerce versions 2.4.6-p1 (and previous versions), 2.4.5-p3 (and previous versions) and 2.4.4-p4 (and previous versions) are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead to...
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce
Adobe Commerce 2.4.6
6.5
CVSSv3
CVE-2023-38209
Adobe Commerce versions 2.4.6-p1 (and previous versions), 2.4.5-p3 (and previous versions) and 2.4.4-p4 (and previous versions) are affected by an Incorrect Authorization vulnerability that could lead to a Security feature bypass. A low-privileged attacker could leverage this vul...
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce
Adobe Commerce 2.4.6
4.9
CVSSv3
CVE-2024-20716
Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and previous versions are affected by an Uncontrolled Resource Consumption vulnerability that could lead to an application denial-of-service. A high-privileged attacker could leverage this vulnerability to exhaust system resour...
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce 2.4.6
5.4
CVSSv3
CVE-2024-20717
Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and previous versions are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged malicious user to inject malicious scripts into vulnerable form fields. Malicious JavaScript may b...
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce 2.4.6
6.5
CVSSv3
CVE-2024-20718
Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and previous versions are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to trick a victim into performing actions the...
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce 2.4.6
9.1
CVSSv3
CVE-2024-20719
Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and previous versions are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin malicious user to inject malicious scripts into every admin page. Malicious JavaScript may be executed in ...
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce 2.4.6
9.1
CVSSv3
CVE-2024-20720
Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and previous versions are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker. Exploitatio...
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce 2.4.6
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »