Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
adobe magento 2.4.6 vulnerabilities and exploits
(subscribe to this query)
9
CVSSv3
CVE-2024-39397
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and previous versions are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution by an attacker. An attacker could exploit this vulnerability by uplo...
Adobe Commerce
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce 2.4.6
Adobe Commerce 2.4.7
Adobe Magento
Adobe Magento 2.4.4
Adobe Magento 2.4.5
Adobe Magento 2.4.6
Adobe Magento 2.4.7
4.3
CVSSv3
CVE-2024-39413
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and previous versions are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and...
Adobe Commerce
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce 2.4.6
Adobe Commerce 2.4.7
Adobe Magento
Adobe Magento 2.4.4
Adobe Magento 2.4.5
Adobe Magento 2.4.6
Adobe Magento 2.4.7
4.3
CVSSv3
CVE-2024-39414
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and previous versions are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and...
Adobe Commerce
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce 2.4.6
Adobe Commerce 2.4.7
Adobe Magento
Adobe Magento 2.4.4
Adobe Magento 2.4.5
Adobe Magento 2.4.6
Adobe Magento 2.4.7
7.4
CVSSv3
CVE-2024-39398
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and previous versions are affected by an Improper Restriction of Excessive Authentication Attempts vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to perform ...
Adobe Commerce
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce 2.4.6
Adobe Commerce 2.4.7
Adobe Magento
Adobe Magento 2.4.4
Adobe Magento 2.4.5
Adobe Magento 2.4.6
Adobe Magento 2.4.7
7.7
CVSSv3
CVE-2024-39399
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and previous versions are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. A low-privileged attacker ...
Adobe Commerce
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce 2.4.6
Adobe Commerce 2.4.7
Adobe Magento
Adobe Magento 2.4.4
Adobe Magento 2.4.5
Adobe Magento 2.4.6
Adobe Magento 2.4.7
8.1
CVSSv3
CVE-2024-39400
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and previous versions are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an admin malicious user to inject and execute arbitrary JavaScript code within the context of ...
Adobe Commerce
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce 2.4.6
Adobe Commerce 2.4.7
Adobe Magento
Adobe Magento 2.4.4
Adobe Magento 2.4.5
Adobe Magento 2.4.6
Adobe Magento 2.4.7
8.4
CVSSv3
CVE-2024-39401
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and previous versions are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an admin attac...
Adobe Commerce
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce 2.4.6
Adobe Commerce 2.4.7
Adobe Magento
Adobe Magento 2.4.4
Adobe Magento 2.4.5
Adobe Magento 2.4.6
Adobe Magento 2.4.7
8.4
CVSSv3
CVE-2024-39402
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and previous versions are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an admin attac...
Adobe Commerce
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce 2.4.6
Adobe Commerce 2.4.7
Adobe Magento
Adobe Magento 2.4.4
Adobe Magento 2.4.5
Adobe Magento 2.4.6
Adobe Magento 2.4.7
7.6
CVSSv3
CVE-2024-39403
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and previous versions are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged malicious user to inject malicious scripts into vulnerable form fields. Malicious JavaSc...
Adobe Commerce
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce 2.4.6
Adobe Commerce 2.4.7
Adobe Magento
Adobe Magento 2.4.4
Adobe Magento 2.4.5
Adobe Magento 2.4.6
Adobe Magento 2.4.7
4.3
CVSSv3
CVE-2024-39404
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and previous versions are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and...
Adobe Commerce
Adobe Commerce 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce 2.4.6
Adobe Commerce 2.4.7
Adobe Magento
Adobe Magento 2.4.4
Adobe Magento 2.4.5
Adobe Magento 2.4.6
Adobe Magento 2.4.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-44852
CVE-2024-3400
CVE-2024-30129
insecure direct object reference
CVE-2024-12115
CVE-2024-11220
CVE-2024-51378
privilege escalation
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »