Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
magento magento vulnerabilities and exploits
(subscribe to this query)
490
VMScore
CVE-2020-24402
Magento version 2.4.0 and 2.3.5p1 (and previous versions) are affected by an incorrect permissions vulnerability in the Integrations component. This vulnerability could be abused by authenticated users with permissions to the Resource Access API to delete customer details via the...
Magento Magento 2.3.5
Magento Magento
Magento Magento 2.4.0
356
VMScore
CVE-2020-24403
Magento version 2.4.0 and 2.3.5p1 (and previous versions) are affected by an incorrect user permissions vulnerability within the Inventory component. This vulnerability could be abused by authenticated users with Inventory and Source permissions to make unauthorized changes to in...
Magento Magento 2.3.5
Magento Magento
Magento Magento 2.4.0
490
VMScore
CVE-2020-24404
Magento version 2.4.0 and 2.3.5p1 (and previous versions) are affected by an incorrect permissions vulnerability within the Integrations component. This vulnerability could be abused by users with permissions to the Pages resource to delete cms pages via the REST API without auth...
Magento Magento 2.3.5
Magento Magento
Magento Magento 2.4.0
356
VMScore
CVE-2020-24405
Magento version 2.4.0 and 2.3.5p1 (and previous versions) are affected by an incorrect permissions issue vulnerability in the Inventory module. This vulnerability could be abused by authenticated users to modify inventory stock data without authorization.
Magento Magento 2.3.5
Magento Magento
Magento Magento 2.4.0
801
VMScore
CVE-2020-24407
Magento versions 2.4.0 and 2.3.5p1 (and previous versions) are affected by an unsafe file upload vulnerability that could result in arbitrary code execution. This vulnerability could be abused by authenticated users with administrative permissions to the System/Data and Transfer/...
Magento Magento
Magento Magento 2.3.5
Magento Magento 2.4.0
383
VMScore
CVE-2020-24408
Magento versions 2.4.0 and 2.3.5p1 (and previous versions) are affected by a persistent XSS vulnerability that allows users to upload malicious JavaScript via the file upload component. This vulnerability could be abused by an unauthenticated malicious user to execute XSS attacks...
Magento Magento
Magento Magento 2.3.5
Magento Magento 2.4.0
NA
CVE-2021-36021
Magento versions 2.4.2 (and previous versions), 2.4.2-p1 (and previous versions) and 2.3.7 (and previous versions) are affected by an Improper input validation vulnerability within the CMS page scheduled update feature. An authenticated attacker with administrative privilege coul...
Magento Magento
Magento Magento 2.3.7
Magento Magento 2.4.2
490
VMScore
CVE-2020-24400
Magento versions 2.4.0 and 2.3.5 (and previous versions) are affected by an SQL Injection vulnerability that could lead to sensitive information disclosure. This vulnerability could be exploited by an authenticated user with permissions to the product listing page to read data fr...
Magento Magento
Magento Magento 2.3.5
Magento Magento 2.4.0
490
VMScore
CVE-2020-24401
Magento versions 2.4.0 and 2.3.5p1 (and previous versions) are affected by an incorrect authorization vulnerability. A user can still access resources provisioned under their old role after an administrator removes the role or disables the user's account.
Magento Magento
Magento Magento 2.3.5
Magento Magento 2.4.0
NA
CVE-2021-36036
Magento versions 2.4.2 (and previous versions), 2.4.2-p1 (and previous versions) and 2.3.7 (and previous versions) are affected by an improper access control vulnerability within Magento's Media Gallery Upload workflow. By storing a specially crafted file in the website gall...
Magento Magento
Magento Magento 2.3.7
Magento Magento 2.4.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
brute force
CVE-2024-24908
open redirect
CVE-2024-31497
CVE-2023-45866
CVE-2024-4135
CVE-2024-25523
cache poisoning
CVE-2024-4649
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »