Lucene search
K

12 matches found

GithubExploit
GithubExploit
added 2023/09/03 5:27 p.m.17 views

Exploit for Improper Input Validation in Adobe Commerce

CVE-2022-24086 CVE-2022-24086 POC example provided by BurpRoot...

10CVSS9.8AI score0.99199EPSS
Exploits5
The Hacker News
The Hacker News
added 2023/08/14 1:14 p.m.69 views

Ongoing Xurum Attacks on E-commerce Sites Exploiting Critical Magento 2 Vulnerability

E-commerce sites using Adobe's Magento 2 software are the target of an ongoing campaign that has been active since at least January 2023. The attacks, dubbed Xurum by Akamai, leverage a now-patched critical security flaw CVE-2022-24086, CVSS score: 9.8 in Adobe Commerce and Magento Open Source...

10CVSS8.1AI score0.99199EPSS
Exploits5
GithubExploit
GithubExploit
added 2022/10/01 1:53 p.m.6 views

Exploit for Improper Input Validation in Adobe Commerce

CVE-2022-24086 PoC of CV...

10CVSS9.8AI score0.99199EPSS
Exploits5
GithubExploit
GithubExploit
added 2022/04/14 4:56 p.m.79 views

Exploit for CVE-2022-24087

CVE-2022-24087-RCE and CVE-2022-24086-RCE CVE description...

10CVSS8.4AI score0.99199EPSS
Exploits6
Check Point Advisories
Check Point Advisories
added 2022/03/29 12:0 a.m.35 views

Adobe Commerce Command Injection (CVE-2022-24086)

A command injection vulnerability exists in Adobe Commerce. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

10CVSS5.7AI score0.99199EPSS
Exploits5
Trellix
Trellix
added 2022/03/02 12:0 a.m.71 views

The Bug Report - February 2022 Edition

The Bug Report - February 2022 By Jesse Chick · March 2, 2022 Your Cybersecurity Comic Relief Image courtesy of https://toggl.com/ Why am I here? Welcome back to the Bug Report, stubby-month edition! For those in the audience unfamiliar with our shtick, every month we compile a shortlist of the t...

9.8AI score0.99199EPSS
Exploits14
CVE
CVE
added 2022/02/16 4:38 p.m.1369 views

CVE-2022-24086

CVE-2022-24086 affects Adobe Commerce and Magento Open Source via an improper input validation vulnerability during checkout, allowing arbitrary code execution without user interaction. Affected: Adobe Commerce 2.4.3-p1 and earlier, 2.3.7-p2 and earlier. Evidence from multiple advisories confirms...

10CVSS9.7AI score0.99199EPSS
In wildExploits5References2Affected Software2
hivepro
hivepro
added 2022/02/15 7:26 a.m.95 views

Critical Magento zero-day vulnerability actively exploiting multiple e-commerce websites

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here Adobe issued an emergency advisory informing Adobe Commerce and Magento Open-Source product users of a critical zero-day vulnerability that is being actively exploited in the wild. A zero-day vulnerability which has been...

10CVSS0.7AI score0.99199EPSS
Exploits6
Malwarebytes
Malwarebytes
added 2022/02/14 1:55 p.m.41 views

Adobe patches actively exploited Magento/Adobe Commerce zero-day

Adobe has released an emergency advisory for users of its Commerce and Magento platforms. It explains that a critical zero-day vulnerability is actively being exploited in attacks against sites that use these two content management system CMSs. Users should apply the patch as soon as possible. Th...

10CVSS10AI score0.99199EPSS
Exploits5
Circl
Circl
added 2022/02/14 4:28 a.m.9 views

CVE-2022-24086

creationtimestamp| type| source ---|---|--- 2022-02-14 04:28:01+00:00| exploited| https://t.me/thehackernews/1883 2022-02-14 11:56:15+00:00| exploited| https://t.me/ctinow/46881 2022-02-14 15:30:00+00:00| exploited| https://t.me/truesecator/2626 2022-02-15 10:38:24+00:00| seen|...

10CVSS7.6AI score0.99199EPSS
Exploits5References56
The Hacker News
The Hacker News
added 2022/02/14 3:26 a.m.90 views

Critical Magento 0-Day Vulnerability Under Active Exploitation — Patch Released

Adobe on Sunday rolled out patches to contain a critical security vulnerability impacting its Commerce and Magento Open Source products that it said is being actively exploited in the wild. Tracked as CVE-2022-24086, the shortcoming has a CVSS score of 9.8 out of 10 on the vulnerability scoring...

10CVSS1.8AI score0.99199EPSS
Exploits5
Check Point Advisories
Check Point Advisories
added 2016/07/26 12:0 a.m.39 views

Command Injection Over HTTP (CVE-2019-9166; CVE-2021-43936; CVE-2022-1813; CVE-2022-24086; CVE-2022-24193; CVE-2022-26536; CVE-2022-32092; CVE-2022-37810; CVE-2022-40048)

A command Injection over HTTP vulnerability has been reported. A remote attacker can exploit this issue by sending a specially crafted request to the victim. Successful exploitation would allow an attacker to execute arbitrary code on the target machine...

10CVSS3.9AI score0.99199EPSS
Exploits18
Rows per page
Query Builder