Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
magento magento vulnerabilities and exploits
(subscribe to this query)
4.2
CVSSv3
CVE-2021-28583
Magento versions 2.4.2 (and previous versions), 2.4.1-p1 (and previous versions) and 2.3.6-p1 (and previous versions) are affected by a Violation of Secure Design Principles vulnerability in RMA PDF filename formats. Successful exploitation could allow an malicious user to get un...
Adobe Magento Commerce
Magento Magento
Magento Magento 2.3.6
Magento Magento 2.4.1
Magento Magento 2.4.2
7.2
CVSSv3
CVE-2021-28584
Magento versions 2.4.2 (and previous versions), 2.4.1-p1 (and previous versions) and 2.3.6-p1 (and previous versions) are affected by a Path Traversal vulnerability when creating a store with child theme.Successful exploitation could lead to arbitrary file system write by an auth...
Adobe Magento Commerce
Magento Magento
Magento Magento 2.3.6
Magento Magento 2.4.1
Magento Magento 2.4.2
9.1
CVSSv3
CVE-2021-21014
Magento versions 2.4.1 (and previous versions), 2.4.0-p1 (and previous versions) and 2.3.6 (and previous versions) are vulnerable to a file upload restriction bypass. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the admin ...
Adobe Magento Commerce
Magento Magento
Magento Magento 2.3.6
Magento Magento 2.4.0
Magento Magento 2.4.1
1 Github repository
9.1
CVSSv3
CVE-2021-21016
Magento versions 2.4.1 (and previous versions), 2.4.0-p1 (and previous versions) and 2.3.6 (and previous versions) are vulnerable to OS command injection via the WebAPI. Successful exploitation could lead to remote code execution by an authenticated attacker. Access to the admin ...
Adobe Magento Commerce
Magento Magento
Magento Magento 2.3.6
Magento Magento 2.4.0
Magento Magento 2.4.1
9.1
CVSSv3
CVE-2021-21018
Magento versions 2.4.1 (and previous versions), 2.4.0-p1 (and previous versions) and 2.3.6 (and previous versions) are vulnerable to OS command injection via the scheduled operation module. Successful exploitation could lead to arbitrary code execution by an authenticated attacke...
Adobe Magento Commerce
Magento Magento
Magento Magento 2.3.6
Magento Magento 2.4.0
Magento Magento 2.4.1
5.3
CVSSv3
CVE-2021-21020
Magento versions 2.4.1 (and previous versions), 2.4.0-p1 (and previous versions) and 2.3.6 (and previous versions) are vulnerable to an access control bypass vulnerability in the Login as Customer module. Successful exploitation could lead to unauthorized access to restricted res...
Adobe Magento Commerce
Magento Magento
Magento Magento 2.3.6
Magento Magento 2.4.0
Magento Magento 2.4.1
4.8
CVSSv3
CVE-2021-21023
Magento versions 2.4.1 (and previous versions), 2.4.0-p1 (and previous versions) and 2.3.6 (and previous versions) are vulnerable to a stored cross-site scripting vulnerability in the admin console. Successful exploitation could lead to arbitrary JavaScript execution in the victi...
Adobe Magento Commerce
Magento Magento
Magento Magento 2.3.6
Magento Magento 2.4.0
Magento Magento 2.4.1
9.1
CVSSv3
CVE-2021-21024
Magento versions 2.4.1 (and previous versions), 2.4.0-p1 (and previous versions) and 2.3.6 (and previous versions) are affected by a blind SQL injection vulnerability in the Search module. Successful exploitation could lead to unauthorized access to restricted resources by an una...
Adobe Magento Commerce
Magento Magento
Magento Magento 2.3.6
Magento Magento 2.4.0
Magento Magento 2.4.1
9.1
CVSSv3
CVE-2021-21025
Magento versions 2.4.1 (and previous versions), 2.4.0-p1 (and previous versions) and 2.3.6 (and previous versions) are vulnerable to XML injection in the product layout updates. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to...
Adobe Magento Commerce
Magento Magento
Magento Magento 2.3.6
Magento Magento 2.4.0
Magento Magento 2.4.1
5.3
CVSSv3
CVE-2021-21026
Magento versions 2.4.1 (and previous versions), 2.4.0-p1 (and previous versions) and 2.3.6 (and previous versions) are affected by an improper authorization vulnerability in the integrations module. Successful exploitation could lead to unauthorized access to restricted resources...
Adobe Magento Commerce
Magento Magento
Magento Magento 2.3.6
Magento Magento 2.4.0
Magento Magento 2.4.1
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
jasmin ransomware
CVE-2025-6110
code execution
CVE-2025-21420
reflected XSS
CVE-2025-5336
wp url shortener
CVE-2025-49113
gr-5400ax
overflow
CVE-2025-6062
letta-ai
CVE-2025-50143
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »
Vulmon