CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

Cvelist•added 2023/01/27 5:57 p.m.•12 views

CVE-2021-39217 OpenMage LTS arbitrary command execution in custom layout update through blocks

OpenMage LTS is an e-commerce platform. Prior to versions 19.4.22 and 20.0.19, Custom Layout enabled admin users to execute arbitrary commands via block methods. Versions 19.4.22 and 20.0.19 contain patches for this issue...

7.2CVSS7.5AI score0.00724EPSS

Exploits0References4

Github Security Blog•added 2023/01/27 12:54 a.m.•19 views

Fix for arbitrary command execution in custom layout update through blocks

Impact Custom Layout enabled admin users to execute arbitrary commands via block methods...

7.2CVSS7.3AI score0.00724EPSS

Exploits0References6Affected Software1

OSV•added 2023/01/27 12:54 a.m.•25 views

GHSA-C9Q3-R4RV-MJM7 Fix for arbitrary command execution in custom layout update through blocks

Impact Custom Layout enabled admin users to execute arbitrary commands via block methods...

7.2CVSS7.2AI score0.00724EPSS

Exploits0References6

OSV•added 2021/08/30 5:20 p.m.•17 views

GHSA-26RR-V2J2-25FH Layout XML Arbitrary Code Fix

Impact Layout XML enabled admin users to execute arbitrary commands via block methods...

9CVSS7.3AI score0.0036EPSS

Exploits0References5

Github Security Blog•added 2021/08/30 5:20 p.m.•56 views

Layout XML Arbitrary Code Fix

Impact Layout XML enabled admin users to execute arbitrary commands via block methods...

9CVSS5.3AI score0.0036EPSS

Exploits0References6Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by