Lucene search
CVE-2020-24407
Magento versions 2.4.0 and 2.3.5p1 are affected by an unsafe file upload vulnerability, allowing arbitrary code execution
Show more
| Reporter | Title | Published | Views | Family All 132 |
|---|---|---|---|---|
 | Remote code execution | 9 Nov 202001:15 | – | prion |
 | Magento 2 Community Edition RCE via Unsafe File Upload | 24 May 202217:33 | – | github |
 | CVE-2020-24407 | 9 Nov 202001:15 | – | osv |
| Magento 2 Community Edition RCE via Unsafe File Upload | 24 May 202217:33 | – | osv |
| BIT-magento-2020-24407 | 6 Mar 202411:07 | – | osv |
 | Magento 2.4.0 / 2.3.5p1 (and earlier) Arbitrary Code Execution 0day Exploit | 24 Mar 202100:00 | – | zdt |
 | CVE-2020-24407 Arbitrary code execution via file import functionality | 9 Nov 202000:39 | – | cvelist |
 | CVE-2020-24407 | 9 Nov 202001:15 | – | nvd |
 | Website, Know Thyself: What Code Are You Serving? | 14 Nov 201915:18 | – | threatpost |
| Magecart Cyberattack Targets NutriBullet Website | 18 Mar 202009:00 | – | threatpost |
10
[
{
"product": "Magento Commerce",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2.4.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2.3.5p1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]| Source | Link |
|---|---|
| helpx | www.helpx.adobe.com/security/products/magento/apsb20-59.html |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo09 Nov 2020 01:15Current
9.1High risk
Vulners AI Score9.1
CVSS29
CVSS39.1
EPSS0.02087