Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
magento magento 2.4.1 vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2021-28567
Magento versions 2.4.2 (and previous versions), 2.4.1-p1 (and previous versions) and 2.3.6-p1 (and previous versions) are vulnerable to an Improper Authorization vulnerability in the customers module. Successful exploitation could allow a low-privileged user to modify customer da...
Magento Magento
6.4
CVSSv2
CVE-2021-28563
Magento versions 2.4.2 (and previous versions), 2.4.1-p1 (and previous versions) and 2.3.6-p1 (and previous versions) are affected by an Improper Authorization vulnerability via the 'Create Customer' endpoint. Successful exploitation could lead to unauthorized modificat...
Magento Magento
4
CVSSv2
CVE-2021-28566
Magento versions 2.4.2 (and previous versions), 2.4.1-p1 (and previous versions) and 2.3.6-p1 (and previous versions) are vulnerable to an Information Disclosure vulnerability when uploading a modified png file to a product image. Successful exploitation could lead to the disclos...
Magento Magento
NA
CVE-2023-29287
Adobe Commerce versions 2.4.6 (and previous versions), 2.4.5-p2 (and previous versions) and 2.4.4-p3 (and previous versions) are affected by an Information Exposure vulnerability that could lead to a security feature bypass. An attacker could leverage this vulnerability to leak m...
Adobe Commerce 2.3.7
Adobe Commerce 2.4.3
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce 2.4.6
Adobe Magento 2.4.4
Adobe Magento 2.4.5
Adobe Magento 2.4.6
Adobe Commerce 2.4.0
Adobe Commerce 2.4.1
Adobe Commerce 2.4.2
NA
CVE-2023-29288
Adobe Commerce versions 2.4.6 (and previous versions), 2.4.5-p2 (and previous versions) and 2.4.4-p3 (and previous versions) are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A privileged attacker could leverage this vulnerab...
Adobe Commerce 2.3.7
Adobe Commerce 2.4.3
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce 2.4.6
Adobe Magento 2.4.4
Adobe Magento 2.4.5
Adobe Magento 2.4.6
Adobe Commerce 2.4.0
Adobe Commerce 2.4.1
Adobe Commerce 2.4.2
NA
CVE-2023-29289
Adobe Commerce versions 2.4.6 (and previous versions), 2.4.5-p2 (and previous versions) and 2.4.4-p3 (and previous versions) are affected by an XML Injection vulnerability. An attacker with low privileges can trigger a specially crafted script to a security feature bypass. Exploi...
Adobe Commerce 2.3.7
Adobe Commerce 2.4.3
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce 2.4.6
Adobe Magento 2.4.4
Adobe Magento 2.4.5
Adobe Magento 2.4.6
Adobe Commerce 2.4.0
Adobe Commerce 2.4.1
Adobe Commerce 2.4.2
NA
CVE-2023-29290
Adobe Commerce versions 2.4.6 (and previous versions), 2.4.5-p2 (and previous versions) and 2.4.4-p3 (and previous versions) are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to b...
Adobe Commerce 2.3.7
Adobe Commerce 2.4.3
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce 2.4.6
Adobe Magento 2.4.4
Adobe Magento 2.4.5
Adobe Magento 2.4.6
Adobe Commerce 2.4.0
Adobe Commerce 2.4.1
Adobe Commerce 2.4.2
NA
CVE-2023-29291
Adobe Commerce versions 2.4.6 (and previous versions), 2.4.5-p2 (and previous versions) and 2.4.4-p3 (and previous versions) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. An admin-privilege authenticated attacker...
Adobe Commerce 2.3.7
Adobe Commerce 2.4.3
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce 2.4.6
Adobe Magento 2.4.4
Adobe Magento 2.4.5
Adobe Magento 2.4.6
Adobe Commerce 2.4.0
Adobe Commerce 2.4.1
Adobe Commerce 2.4.2
NA
CVE-2023-29292
Adobe Commerce versions 2.4.6 (and previous versions), 2.4.5-p2 (and previous versions) and 2.4.4-p3 (and previous versions) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. An admin-privilege authenticated attacker...
Adobe Commerce 2.3.7
Adobe Commerce 2.4.3
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce 2.4.6
Adobe Magento 2.4.4
Adobe Magento 2.4.5
Adobe Magento 2.4.6
Adobe Commerce 2.4.0
Adobe Commerce 2.4.1
Adobe Commerce 2.4.2
NA
CVE-2023-29293
Adobe Commerce versions 2.4.6 (and previous versions), 2.4.5-p2 (and previous versions) and 2.4.4-p3 (and previous versions) are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An admin privileged attacker could leverage this...
Adobe Commerce 2.3.7
Adobe Commerce 2.4.3
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce 2.4.6
Adobe Magento 2.4.4
Adobe Magento 2.4.5
Adobe Magento 2.4.6
Adobe Commerce 2.4.0
Adobe Commerce 2.4.1
Adobe Commerce 2.4.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »