Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
adobe magento open source vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-24086
Adobe Commerce versions 2.4.3-p1 (and previous versions) and 2.3.7-p2 (and previous versions) are affected by an improper input validation vulnerability during the checkout process. Exploitation of this issue does not require user interaction and could result in arbitrary code ex...
Magento Magento
Adobe Commerce 2.3.7
Adobe Commerce 2.4.3
Adobe Commerce
Magento Magento 2.4.3
Magento Magento 2.3.7
11 Github repositories
4 Articles
9.8
CVSSv3
CVE-2021-36020
Magento Commerce versions 2.4.2 (and previous versions), 2.4.2-p1 (and previous versions) and 2.3.7 (and previous versions) are affected by an XML Injection vulnerability in the 'City' field. An unauthenticated attacker can trigger a specially crafted script to achieve ...
Adobe Magento Open Source
Adobe Adobe Commerce
Adobe Adobe Commerce 2.4.2
Adobe Magento Open Source 2.4.2
8.8
CVSSv3
CVE-2021-36032
Magento Commerce versions 2.4.2 (and previous versions), 2.4.2-p1 (and previous versions) and 2.3.7 (and previous versions) are affected by an improper input validation vulnerability. An authenticated attacker can trigger an insecure direct object reference in the `V1/customers/m...
Adobe Magento Open Source
Adobe Adobe Commerce
Adobe Adobe Commerce 2.4.2
Adobe Magento Open Source 2.4.2
7.5
CVSSv3
CVE-2023-22247
Adobe Commerce versions 2.4.4-p2 (and previous versions) and 2.4.5-p1 (and previous versions) are affected by an XML Injection vulnerability that could lead to arbitrary file system read. An unauthenticated attacker can force the application to make arbitrary requests via injecti...
Adobe Commerce 2.4.4
Adobe Magento Open Source
Adobe Magento Open Source 2.4.5
Adobe Magento Open Source 2.4.4
Adobe Commerce 2.4.5
Adobe Commerce
7.5
CVSSv3
CVE-2021-36030
Magento Commerce versions 2.4.2 (and previous versions), 2.4.2-p1 (and previous versions) and 2.3.7 (and previous versions) are affected by an improper input validation vulnerability during the checkout process. An unauthenticated attacker can leverage this vulnerability to alter...
Adobe Magento Open Source
Adobe Adobe Commerce
Adobe Adobe Commerce 2.4.2
Adobe Magento Open Source 2.4.2
7.5
CVSSv3
CVE-2021-36044
Magento Commerce versions 2.4.2 (and previous versions), 2.4.2-p1 (and previous versions) and 2.3.7 (and previous versions) are affected by an improper input validation vulnerability. An unauthenticated attacker could abuse this vulnerability to cause a server-side denial-of-serv...
Adobe Magento Open Source
Adobe Adobe Commerce
Adobe Adobe Commerce 2.4.2
Adobe Magento Open Source 2.4.2
7.2
CVSSv3
CVE-2022-24093
Adobe Commerce versions 2.4.3-p1 (and previous versions) and 2.3.7-p2 (and previous versions) are affected by an improper input validation vulnerability. Exploitation of this issue does not require user interaction and could result in a post-authentication arbitrary code executio...
Adobe Magento Open Source 2.3.7
Adobe Magento Open Source 2.4.3
Adobe Magento Open Source
Adobe Commerce 2.3.7
Adobe Commerce 2.4.3
Adobe Commerce
7.2
CVSSv3
CVE-2021-36022
Magento Commerce versions 2.4.2 (and previous versions), 2.4.2-p1 (and previous versions) and 2.3.7 (and previous versions) are affected by an XML Injection vulnerability in the Widgets Update Layout. An attacker with admin privileges can trigger a specially crafted script to ach...
Adobe Magento Open Source
Adobe Adobe Commerce
Adobe Adobe Commerce 2.4.2
Adobe Magento Open Source 2.4.2
7.2
CVSSv3
CVE-2021-36024
Magento Commerce versions 2.4.2 (and previous versions), 2.4.2-p1 (and previous versions) and 2.3.7 (and previous versions) are affected by an Improper Neutralization of Special Elements Used In A Command via the Data collection endpoint. An attacker with admin privileges can upl...
Adobe Magento Open Source
Adobe Adobe Commerce
Adobe Adobe Commerce 2.4.2
Adobe Magento Open Source 2.4.2
7.2
CVSSv3
CVE-2021-36028
Magento Commerce versions 2.4.2 (and previous versions), 2.4.2-p1 (and previous versions) and 2.3.7 (and previous versions) are affected by an XML Injection vulnerability when saving a configurable product. An attacker with admin privileges can trigger a specially crafted script ...
Adobe Magento Open Source
Adobe Adobe Commerce
Adobe Adobe Commerce 2.4.2
Adobe Magento Open Source 2.4.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044
client side
CVE-2021-47601
deserialization
CVE-2024-34994
encryption
CVE-2021-47609
CVE-2024-37079
CVE-2024-38608
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »