Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Exploit for Improper Restriction of XML External Entity Reference in Adobe Commerce

🗓️ 28 Jun 2024 14:29:50Type 
githubexploit
 githubexploit👁 206 Views

This document contains a proof-of-concept (PoC) exploit for CVE-2024-34102, an XML entity injection vulnerability in Magento, allowing exfiltration of sensitive files and unauthorized access to administrative functionalities

Show more

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Related
ReporterTitlePublishedViews
Family
Cvelist		CVE-2024-34102 XXE can expose crypt key and other secrets granting full admin access
13 Jun 202409:04
cvelist
NVD		CVE-2024-34102
13 Jun 202409:15
nvd
GithubExploit		Exploit for Improper Restriction of XML External Entity Reference in Adobe Commerce
13 Jul 202417:31
githubexploit
GithubExploit		Exploit for Improper Restriction of XML External Entity Reference in Adobe Commerce
19 Aug 202419:25
githubexploit
GithubExploit		Exploit for Improper Restriction of XML External Entity Reference in Adobe Commerce
13 Jul 202410:25
githubexploit
GithubExploit		Exploit for Improper Restriction of XML External Entity Reference in Adobe Commerce
13 Aug 202407:33
githubexploit
GithubExploit		Exploit for Improper Restriction of XML External Entity Reference in Adobe Commerce
27 Jun 202421:57
githubexploit
GithubExploit		Exploit for Improper Restriction of XML External Entity Reference in Adobe Commerce
28 Jun 202423:33
githubexploit
GithubExploit		Exploit for Improper Restriction of XML External Entity Reference in Adobe Commerce
8 Oct 202417:02
githubexploit
GithubExploit		Exploit for Improper Restriction of XML External Entity Reference in Adobe Commerce
19 Aug 202419:25
githubexploit
Rows per page

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
28 Jun 2024 14:50Current
9.8High risk
Vulners AI Score9.8
CVSS39.8
EPSS0.94373
magentoxml entity injectionsensitive filesunauthorized access
206
.json
Report