6 matches found
CVE-2021-41143
OpenMage LTS is an e-commerce platform. Prior to versions 19.4.22 and 20.0.19, Magento admin users with access to the customer media could execute code on the server. Versions 19.4.22 and 20.0.19 contain a patch for this issue...
CVE-2021-41143 OpenMage LTS arbitrary file deletion in customer media allows for remote code execution
OpenMage LTS is an e-commerce platform. Prior to versions 19.4.22 and 20.0.19, Magento admin users with access to the customer media could execute code on the server. Versions 19.4.22 and 20.0.19 contain a patch for this issue...
CVE-2021-41143 OpenMage LTS arbitrary file deletion in customer media allows for remote code execution
OpenMage LTS is an e-commerce platform. Prior to versions 19.4.22 and 20.0.19, Magento admin users with access to the customer media could execute code on the server. Versions 19.4.22 and 20.0.19 contain a patch for this issue...
GHSA-5VPV-XMCJ-9Q85 Fix for arbitrary file deletion in customer media allows for remote code execution
Impact Magento admin users with access to the customer media could execute code on the server...
Fix for arbitrary file deletion in customer media allows for remote code execution
Impact Magento admin users with access to the customer media could execute code on the server...
PT-2023-12374 · Unknown · Openmage Lts
Name of the Vulnerable Software and Affected Versions: OpenMage LTS versions prior to 19.4.22 OpenMage LTS versions prior to 20.0.19 Description: The issue affects OpenMage LTS, an e-commerce platform. Magento admin users with access to the customer media could execute code on the server...