Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
adobe systems incorporated magento 2 vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2019-8115
A reflected cross-site scripting (XSS) vulnerability exists in Magento 2.2 before 2.2.10, Magento 2.3 before 2.3.3 or 2.3.2-p1. An authenticated admin user can inject arbitrary JavaScript code when adding an image for during simple product creation.
Adobe Systems Incorporated Magento 2
Magento Magento
7.2
CVSSv3
CVE-2019-8119
A remote code execution vulnerability exists in Magento 2.1 before 2.1.19, Magento 2.2 before 2.2.10, Magento 2.3 before 2.3.3. An authenticated admin user with import product privileges can delete files through bulk product import and inject code into XSLT file. The combination ...
Adobe Systems Incorporated Magento 2
Magento Magento
5.4
CVSSv3
CVE-2019-8120
A stored cross-site scripting (XSS) vulnerability exists in Magento 2.1 before 2.1.19, Magento 2.2 before 2.2.10, Magento 2.3 before 2.3.3. An authenticated user can inject arbitrary Javascript code by manipulating section of a POST request related to customer's email addres...
Adobe Systems Incorporated Magento 2
Magento Magento
9.8
CVSSv3
CVE-2019-8121
An insecure component vulnerability exists in Magento 2.1 before 2.1.19, Magento 2.2 before 2.2.10, Magento 2.3 before 2.3.3. Magento 2 codebase leveraged outdated versions of JS libraries (Bootstrap, jquery, Knockout) with known security vulnerabilities.
Adobe Systems Incorporated Magento 2
Magento Magento
8.8
CVSSv3
CVE-2019-8122
A remote code execution vulnerability exists in Magento 2.1 before 2.1.19, Magento 2.2 before 2.2.10, Magento 2.3 before 2.3.3. An authenticated user with privileges to create products can craft custom layout update and use import product functionality to enable remote code execu...
Adobe Systems Incorporated Magento 2
Magento Magento
5.4
CVSSv3
CVE-2019-8117
A stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 before 2.2.10, Magento 2.3 before 2.3.3 or 2.3.2-p1. An authenticates user can inject arbitrary JavaScript code via product view id specification.
Adobe Systems Incorporated Magento 2
Magento Magento
5.3
CVSSv3
CVE-2019-8123
An insufficient logging and monitoring vulnerability exists in Magento 1 before 1.9.4.3 and 1.14.4.3, Magento 2.1 before 2.1.19, Magento 2.2 before 2.2.10, Magento 2.3 before 2.3.3. The logging feature required for effective monitoring did not contain sufficent data to effectivel...
Adobe Systems Incorporated Magento 1& 2
Magento Magento
5.4
CVSSv3
CVE-2019-8092
A reflected cross-site scripting (XSS) vulnerability exists in Magento 2.2 before 2.2.10, Magento 2.3 before 2.3.3 or 2.3.2-p1. An authenticated user can inject arbitrary JavaScript code via email template preview.
Adobe Systems Incorporated Magento 2
Magento Magento
Magento Magento 2.3.2
6.5
CVSSv3
CVE-2019-8108
Insecure authentication and session management vulnerability exists in Magento 2.2 before 2.2.10, Magento 2.3 before 2.3.3 or 2.3.2-p1. An authenticated user can manipulate session validation setting for a storefront that leads to insecure authentication and session management.
Adobe Systems Incorporated Magento 2
Magento Magento
Magento Magento 2.3.2
8
CVSSv3
CVE-2019-8109
A remote code execution vulnerability exists in Magento 2.2 before 2.2.10, Magento 2.3 before 2.3.3 or 2.3.2-p1. An authenticated user can craft a malicious CSRF payload that can result in arbitrary command execution.
Adobe Systems Incorporated Magento 2
Magento Magento
Magento Magento 2.3.2
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
jasmin ransomware
CVE-2025-6110
code execution
CVE-2025-21420
reflected XSS
CVE-2025-5336
wp url shortener
CVE-2025-49113
gr-5400ax
overflow
CVE-2025-6062
letta-ai
CVE-2025-50143
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »
Vulmon