Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
adobe commerce 2.4.0 vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2021-21012
Magento versions 2.4.1 (and previous versions), 2.4.0-p1 (and previous versions) and 2.3.6 (and previous versions) are vulnerable to an insecure direct object vulnerability (IDOR) in the checkout module. Successful exploitation could lead to sensitive information disclosure.
Adobe Magento Commerce
Adobe Magento Commerce 2.4.0
Adobe Magento Commerce 2.4.1
Adobe Magento Open Source
Adobe Magento Open Source 2.4.0
Adobe Magento Open Source 2.4.1
7.5
CVSSv3
CVE-2023-22248
Adobe Commerce versions 2.4.6 (and previous versions), 2.4.5-p2 (and previous versions) and 2.4.4-p3 (and previous versions) are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to l...
Adobe Commerce 2.3.7
Adobe Commerce 2.4.0
Adobe Commerce 2.4.1
Adobe Commerce 2.4.2
Adobe Commerce 2.4.3
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce 2.4.6
Adobe Magento 2.4.4
Adobe Magento 2.4.5
Adobe Magento 2.4.6
5.3
CVSSv3
CVE-2023-29287
Adobe Commerce versions 2.4.6 (and previous versions), 2.4.5-p2 (and previous versions) and 2.4.4-p3 (and previous versions) are affected by an Information Exposure vulnerability that could lead to a security feature bypass. An attacker could leverage this vulnerability to leak m...
Adobe Commerce 2.3.7
Adobe Commerce 2.4.0
Adobe Commerce 2.4.1
Adobe Commerce 2.4.2
Adobe Commerce 2.4.3
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce 2.4.6
Adobe Magento 2.4.4
Adobe Magento 2.4.5
Adobe Magento 2.4.6
4.3
CVSSv3
CVE-2023-29288
Adobe Commerce versions 2.4.6 (and previous versions), 2.4.5-p2 (and previous versions) and 2.4.4-p3 (and previous versions) are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A privileged attacker could leverage this vulnerab...
Adobe Commerce 2.3.7
Adobe Commerce 2.4.0
Adobe Commerce 2.4.1
Adobe Commerce 2.4.2
Adobe Commerce 2.4.3
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce 2.4.6
Adobe Magento 2.4.4
Adobe Magento 2.4.5
Adobe Magento 2.4.6
6.5
CVSSv3
CVE-2023-29289
Adobe Commerce versions 2.4.6 (and previous versions), 2.4.5-p2 (and previous versions) and 2.4.4-p3 (and previous versions) are affected by an XML Injection vulnerability. An attacker with low privileges can trigger a specially crafted script to a security feature bypass. Exploi...
Adobe Commerce 2.3.7
Adobe Commerce 2.4.0
Adobe Commerce 2.4.1
Adobe Commerce 2.4.2
Adobe Commerce 2.4.3
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce 2.4.6
Adobe Magento 2.4.4
Adobe Magento 2.4.5
Adobe Magento 2.4.6
4.9
CVSSv3
CVE-2023-29291
Adobe Commerce versions 2.4.6 (and previous versions), 2.4.5-p2 (and previous versions) and 2.4.4-p3 (and previous versions) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. An admin-privilege authenticated attacker...
Adobe Commerce 2.3.7
Adobe Commerce 2.4.0
Adobe Commerce 2.4.1
Adobe Commerce 2.4.2
Adobe Commerce 2.4.3
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce 2.4.6
Adobe Magento 2.4.4
Adobe Magento 2.4.5
Adobe Magento 2.4.6
4.9
CVSSv3
CVE-2023-29292
Adobe Commerce versions 2.4.6 (and previous versions), 2.4.5-p2 (and previous versions) and 2.4.4-p3 (and previous versions) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. An admin-privilege authenticated attacker...
Adobe Commerce 2.3.7
Adobe Commerce 2.4.0
Adobe Commerce 2.4.1
Adobe Commerce 2.4.2
Adobe Commerce 2.4.3
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce 2.4.6
Adobe Magento 2.4.4
Adobe Magento 2.4.5
Adobe Magento 2.4.6
2.7
CVSSv3
CVE-2023-29293
Adobe Commerce versions 2.4.6 (and previous versions), 2.4.5-p2 (and previous versions) and 2.4.4-p3 (and previous versions) are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An admin privileged attacker could leverage this...
Adobe Commerce 2.3.7
Adobe Commerce 2.4.0
Adobe Commerce 2.4.1
Adobe Commerce 2.4.2
Adobe Commerce 2.4.3
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce 2.4.6
Adobe Magento 2.4.4
Adobe Magento 2.4.5
Adobe Magento 2.4.6
4.3
CVSSv3
CVE-2023-29294
Adobe Commerce versions 2.4.6 (and previous versions), 2.4.5-p2 (and previous versions) and 2.4.4-p3 (and previous versions) are affected by a Business Logic Errors vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnera...
Adobe Commerce 2.3.7
Adobe Commerce 2.4.0
Adobe Commerce 2.4.1
Adobe Commerce 2.4.2
Adobe Commerce 2.4.3
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce 2.4.6
Adobe Magento 2.4.4
Adobe Magento 2.4.5
Adobe Magento 2.4.6
4.3
CVSSv3
CVE-2023-29295
Adobe Commerce versions 2.4.6 (and previous versions), 2.4.5-p2 (and previous versions) and 2.4.4-p3 (and previous versions) are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vuln...
Adobe Commerce 2.3.7
Adobe Commerce 2.4.0
Adobe Commerce 2.4.1
Adobe Commerce 2.4.2
Adobe Commerce 2.4.3
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce 2.4.6
Adobe Magento 2.4.4
Adobe Magento 2.4.5
Adobe Magento 2.4.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-44852
CVE-2024-3400
CVE-2024-30129
insecure direct object reference
CVE-2024-12115
CVE-2024-11220
CVE-2024-51378
privilege escalation
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »