Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-3475

Malicious code in bioql PyPI...

7.5CVSS7.7AI score0.01186EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-4461

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.0172EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 8:52 a.m.11 views

CVE-2019-8134

A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. A user with marketing privileges can execute arbitrary SQL queries in the database when accessing email template variables...

8.8CVSS8.2AI score0.01002EPSS
Exploits0References1
Snyk
Snyk
added 2024/08/14 12:35 p.m.1 views

Improper Authorization

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Improper Authorization. An attacker can gain access to minor information by bypassing security restrictions using a low-privileged account. Remediation Upgrade...

5.3CVSS6.5AI score0.00442EPSS
Exploits0References2
Metasploit
Metasploit
added 2024/07/18 7:53 p.m.426 views

Magento XXE Unserialize Arbitrary File Read

This module exploits a XXE vulnerability in Magento 2.4.7-p1 and below which allows an attacker to read any file on the system. Module Options msf use auxiliary/gather/magentoxxecve202434102 msf auxiliarymagentoxxecve202434102 show actions ...actions... msf auxiliarymagentoxxecve202434102 set...

9.8CVSS6.9AI score0.99994EPSS
Exploits26
Positive Technologies
Positive Technologies
added 2021/08/11 12:0 a.m.5 views

PT-2021-6734 · Adobe · Magento

Name of the Vulnerable Software and Affected Versions: Magento versions 2.4.2 and earlier, 2.4.2-p1 and earlier Magento versions 2.3.7 and earlier Description: The issue is caused by improper input validation within the CMS page scheduled update feature. An authenticated attacker with...

8.5CVSS7.2AI score0.01949EPSS
Exploits0References8
CNNVD
CNNVD
added 2021/05/11 12:0 a.m.5 views

Adobe Magento 路径遍历漏洞

Adobe Magento is the United States of America Odobie Adobe company's set of open source PHP e-commerce system . The system provides rights management, search engine and payment gateway features. A path traversal vulnerability exists in Adobe Magento. The vulnerability exists due to an input...

7.2CVSS6.7AI score0.0178EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2020/10/15 12:0 a.m.5 views

PT-2020-4582 · Adobe · Magento

Name of the Vulnerable Software and Affected Versions: Magento versions 2.4.0 and 2.3.5p1 and earlier Description: The issue is related to incorrect permissions within the Integrations component, which could be exploited by users with permissions to the Pages resource to delete cms pages via the...

7.8CVSS3.6AI score0.0156EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2020/07/28 12:0 a.m.5 views

PT-2020-5060 · Adobe · Magento

Name of the Vulnerable Software and Affected Versions: Magento versions 2.3.5-p1 and earlier Description: The issue is related to a security mitigation bypass vulnerability in the authorization mechanism of the Magento platform. Successful exploitation could lead to arbitrary code execution,...

9CVSS6.6AI score0.03807EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2020/06/26 12:0 a.m.5 views

PT-2020-20731 · Adobe · Magento

Name of the Vulnerable Software and Affected Versions: Magento versions 2.3.4 and earlier Magento versions 2.2.11 and earlier Magento versions 1.14.4.4 and earlier Magento versions 1.9.4.4 and earlier Description: The issue allows for a security mitigation bypass, which could lead to arbitrary co...

10CVSS9.6AI score0.07397EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2020/04/28 12:0 a.m.3 views

PT-2020-6290 · Adobe · Magento

Name of the Vulnerable Software and Affected Versions: Magento versions 2.3.4 and earlier Magento versions 2.2.11 and earlier Magento version 1.14.4.4 and earlier Magento version 1.9.4.4 and earlier Description: The issue is related to a command injection vulnerability. It could allow a remote...

10CVSS9.6AI score0.0572EPSS
Exploits0References8
Rows per page
Query Builder