CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

321 matches found

RedhatCVE•added 2026/01/07 9:37 a.m.•10 views

CVE-2019-7897

A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with...

4.8CVSS5.6AI score0.00557EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:36 a.m.•10 views

CVE-2019-7945

A stored cross-cite scripting vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with privileges to modify currency symbols can inject...

5.4CVSS6AI score0.00566EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:36 a.m.•3 views

CVE-2019-7909

4.8CVSS5.7AI score0.00557EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:36 a.m.•6 views

CVE-2019-7882

A stored cross-site scripting vulnerability exists in the WYSIWYG editor of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with privileges to the editor can...

5.4CVSS5.8AI score0.00566EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:35 a.m.•5 views

CVE-2019-7932

A remote code execution vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to create sitemaps can execute arbitrary P...

7.2CVSS7.9AI score0.02413EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:35 a.m.•8 views

CVE-2019-7911

A server-side request forgery SSRF vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with access to the admin pan...

7.2CVSS7.2AI score0.01438EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:33 a.m.•5 views

CVE-2019-7898

Samples of disabled downloadable products are accessible in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 due to inadequate validation of user input...

5.3CVSS6.7AI score0.00928EPSS

Exploits0References1