6 matches found
CVE-2021-41143
OpenMage LTS is an e-commerce platform. Prior to versions 19.4.22 and 20.0.19, Magento admin users with access to the customer media could execute code on the server. Versions 19.4.22 and 20.0.19 contain a patch for this issue...
CVE-2021-41143 OpenMage LTS arbitrary file deletion in customer media allows for remote code execution
OpenMage LTS is an e-commerce platform. Prior to versions 19.4.22 and 20.0.19, Magento admin users with access to the customer media could execute code on the server. Versions 19.4.22 and 20.0.19 contain a patch for this issue...
CVE-2021-41143 OpenMage LTS arbitrary file deletion in customer media allows for remote code execution
OpenMage LTS is an e-commerce platform. Prior to versions 19.4.22 and 20.0.19, Magento admin users with access to the customer media could execute code on the server. Versions 19.4.22 and 20.0.19 contain a patch for this issue...
Fix for arbitrary file deletion in customer media allows for remote code execution
Impact Magento admin users with access to the customer media could execute code on the server...
GHSA-5VPV-XMCJ-9Q85 Fix for arbitrary file deletion in customer media allows for remote code execution
Impact Magento admin users with access to the customer media could execute code on the server...
PT-2023-12374 · Unknown · Openmage Lts
Name of the Vulnerable Software and Affected Versions: OpenMage LTS versions prior to 19.4.22 OpenMage LTS versions prior to 20.0.19 Description: The issue affects OpenMage LTS, an e-commerce platform. Magento admin users with access to the customer media could execute code on the server...