Lucene search
K

4 matches found

OSV
OSV
added 2024/03/06 11:1 a.m.14 views

BIT-MAGENTO-2021-21018 Magnto Commerce Unauthorized Data Modification Could Lead To Arbitrary Code Execution

Magento versions 2.4.1 and earlier, 2.4.0 and earlier and 2.3.6 and earlier are vulnerable to OS command injection via the scheduled operation module. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the admin console is required for successfu...

9.1CVSS7.9AI score0.04114EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2022/05/24 5:41 p.m.36 views

Magento OS Command Injection

Magento versions 2.4.1 and earlier, 2.4.0-p1 and earlier and 2.3.6 and earlier are vulnerable to OS command injection via the scheduled operation module. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the admin console is required for...

9.1CVSS8.1AI score0.04114EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2021/02/11 8:15 p.m.30 views

Command injection

Magento versions 2.4.1 and earlier, 2.4.0-p1 and earlier and 2.3.6 and earlier are vulnerable to OS command injection via the scheduled operation module. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the admin console is required for...

9CVSS9.3AI score0.04114EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2021/02/09 12:0 a.m.2 views

PT-2021-2184 · Adobe · Magento

Name of the Vulnerable Software and Affected Versions: Magento versions 2.4.1 and earlier Magento versions 2.4.0-p1 and earlier Magento versions 2.3.6 and earlier Description: The issue is related to OS command injection via the scheduled operation module. Successful exploitation could lead to...

9.1CVSS9.2AI score0.04114EPSS
Exploits0References8
Rows per page
Query Builder