Lucene search
K

11 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 5:35 p.m.8 views

CVE-2020-9587

Magento versions 2.3.4 and earlier, 2.2.11 and earlier see note, 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an authorization bypass vulnerability. Successful exploitation could lead to potentially unauthorized product discounts...

7.5CVSS6.7AI score0.05009EPSS
Exploits0References1
OSV
OSV
added 2024/03/06 11:3 a.m.30 views

BIT-MAGENTO-2020-9587

Magento versions 2.3.4 and earlier, 2.2.11 and earlier see note, 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an authorization bypass vulnerability. Successful exploitation could lead to potentially unauthorized product discounts...

7.5CVSS7.4AI score0.05009EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2022/05/24 5:21 p.m.23 views

Magento authorization bypass vulnerability

Magento versions 2.3.4 and earlier, 2.2.11 and earlier see note, 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an authorization bypass vulnerability. Successful exploitation could lead to potentially unauthorized product discounts...

7.5CVSS7AI score0.05009EPSS
Exploits0References3Affected Software3
OSV
OSV
added 2022/05/24 5:21 p.m.34 views

GHSA-8WM7-H2QH-FF4C Magento authorization bypass vulnerability

Magento versions 2.3.4 and earlier, 2.2.11 and earlier see note, 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an authorization bypass vulnerability. Successful exploitation could lead to potentially unauthorized product discounts...

7.5CVSS7.4AI score0.05009EPSS
Exploits0References3
Hacker One
Hacker One
added 2022/05/16 9:24 a.m.24 views

TikTok: Create product discounts of any shop

An Insecure Direct Object Reference IDOR vulnerability was found on a TikTok seller endpoint, which could have resulted in any user to create product discounts for shops they did not own. We thank @datph4m for reporting this to our team...

0.5AI score
Exploits0
Veracode
Veracode
added 2020/06/29 5:14 a.m.16 views

Authorization Bypass

magento/community-edition is vulnerable to authorization bypass. The application allows an attacker to create unauthorized product discounts upon successful exploitation of the vulnerability...

7.5CVSS4.2AI score0.05009EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2020/06/26 9:15 p.m.27 views

CVE-2020-9587

Magento versions 2.3.4 and earlier, 2.2.11 and earlier see note, 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an authorization bypass vulnerability. Successful exploitation could lead to potentially unauthorized product discounts...

7.5CVSS0.05009EPSS
Exploits0References1
OSV
OSV
added 2020/06/26 9:15 p.m.18 views

CVE-2020-9587

Magento versions 2.3.4 and earlier, 2.2.11 and earlier see note, 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an authorization bypass vulnerability. Successful exploitation could lead to potentially unauthorized product discounts...

7.5CVSS6.7AI score
Exploits0References1
Cvelist
Cvelist
added 2020/06/26 8:19 p.m.29 views

CVE-2020-9587

Magento versions 2.3.4 and earlier, 2.2.11 and earlier see note, 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an authorization bypass vulnerability. Successful exploitation could lead to potentially unauthorized product discounts...

7.5AI score0.05009EPSS
Exploits0References1
CVE
CVE
added 2020/06/26 8:19 p.m.78 views

CVE-2020-9587

CVE-2020-9587 corresponds to an authorization bypass vulnerability in Adobe Magento. According to the connected records, affected Magento versions are 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier. Successful exploitation could lead to unauthorize...

7.5CVSS7.3AI score0.05009EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2020/05/04 12:0 a.m.101 views

Magento Multiple Vulnerabilities (APSB20-22)

Magento is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.8AI score0.0572EPSS
Exploits0References1
Rows per page
Query Builder