11 matches found
EUVD-2022-4461
Malicious code in bioql PyPI...
EUVD-2022-3475
Malicious code in bioql PyPI...
CVE-2019-8134
A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. A user with marketing privileges can execute arbitrary SQL queries in the database when accessing email template variables...
Improper Authorization
Overview: magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Improper Authorization. An attacker can gain access to minor information by bypassing security restrictions using a low-privileged account. Remediation: Upgrade...
Magento XXE Unserialize Arbitrary File Read
This module exploits an XXE vulnerability in Magento 2.4.7-p1 and below which allows an attacker to read any file on the system. Module Options msf use auxiliary/gather/magentoxxecve202434102 msf auxiliarymagentoxxecve202434102 show actions ...actions... msf auxiliarymagentoxxecve202434102 set...
PT-2021-6734 · Adobe · Magento
Name of the Vulnerable Software and Affected Versions: Magento versions 2.4.2 and earlier, 2.4.2-p1 and earlier Magento versions 2.3.7 and earlier Description: The issue is caused by improper input validation within the CMS page scheduled update feature. An authenticated attacker with...
Adobe Magento Path Traversal Vulnerability
Adobe Magento is an open source PHP e-commerce system from Adobe, a company based in the United States of America. The system provides rights management, search engine and payment gateway features. A path traversal vulnerability exists in Adobe Magento. The vulnerability exists due to an input...
PT-2020-4582 · Adobe · Magento
Name of the Vulnerable Software and Affected Versions: Magento versions 2.4.0 and 2.3.5p1 and earlier Description: The issue is related to incorrect permissions within the Integrations component, which could be exploited by users with permissions to the Pages resource to delete cms pages via the...
PT-2020-5060 · Adobe · Magento
Name of the Vulnerable Software and Affected Versions: Magento versions 2.3.5-p1 and earlier Description: The issue is related to a security mitigation bypass vulnerability in the authorization mechanism of the Magento platform. Successful exploitation could lead to arbitrary code execution,...
PT-2020-20731 · Adobe · Magento
Name of the Vulnerable Software and Affected Versions: Magento versions 2.3.4 and earlier Magento versions 2.2.11 and earlier Magento versions 1.14.4.4 and earlier Magento versions 1.9.4.4 and earlier Description: The issue allows for a security mitigation bypass, which could lead to arbitrary co...
PT-2020-6290 · Adobe · Magento
Name of the Vulnerable Software and Affected Versions: Magento versions 2.3.4 and earlier Magento versions 2.2.11 and earlier Magento version 1.14.4.4 and earlier Magento version 1.9.4.4 and earlier Description: The issue is related to a command injection vulnerability. It could allow a remote...