CVSS: 9.1EPSS: 20%CPEs: 20EXPL: 0CVE-2022-34253 – Adobe Commerce XML Injection Arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-34253
16 Aug 2022 — Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an XML Injection vulnerability in the Widgets Module. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution. Exploitation of this issue does not require user interaction. Adobe Commerce versiones 2.4.3-p2 (y anteriores), 2.3.7-p3 (y anteriores) y 2.4.4 (y anteriores) están afectadas por una vulnerabilidad de inyección XML en el módulo de widgets. ... • https://helpx.adobe.com/security/products/magento/apsb22-38.html • CWE-91: XML Injection (aka Blind XPath Injection) •
CVSS: 9.0EPSS: 0%CPEs: 20EXPL: 0CVE-2022-34255 – Adobe Commerce Improper Access Control Privilege escalation
https://notcve.org/view.php?id=CVE-2022-34255
16 Aug 2022 — Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Access Control vulnerability that could result in Privilege escalation. An attacker with a low privilege account could leverage this vulnerability to perform an account takeover for a victim. Exploitation of this issue does not require user interaction. Adobe Commerce versiones 2.4.3-p2 (y anteriores), 2.3.7-p3 (y anteriores) y 2.4.4 (y anteriores) están afectadas por una vulnerabilidad... • https://helpx.adobe.com/security/products/magento/apsb22-38.html • CWE-284: Improper Access Control CWE-863: Incorrect Authorization •
CVSS: 9.0EPSS: 0%CPEs: 20EXPL: 0CVE-2022-34254 – Adobe Commerce Improper Limitation of a Pathname to a Restricted Directory Arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-34254
16 Aug 2022 — Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could be abused by an attacker to inject malicious scripts into the vulnerable endpoint. A low privileged attacker could leverage this vulnerability to read local files and to perform Stored XSS. Exploitation of this issue does not require user interaction. Adobe Commerce versiones 2.4.3-p2 (y anter... • https://helpx.adobe.com/security/products/magento/apsb22-38.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 0%CPEs: 20EXPL: 0CVE-2022-34256 – Adobe Commerce Improper Authorization Privilege escalation
https://notcve.org/view.php?id=CVE-2022-34256
16 Aug 2022 — Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Authorization vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to access other user's data. Exploitation of this issue does not require user interaction. Adobe Commerce versiones 2.4.3-p2 (y anteriores), 2.3.7-p3 (y anteriores) y 2.4.4 (y anteriores) están afectadas por una vulnerabilidad de Autorización Inapropiada que podría result... • https://helpx.adobe.com/security/products/magento/apsb22-38.html • CWE-285: Improper Authorization •
CVSS: 4.8EPSS: 44%CPEs: 20EXPL: 0CVE-2022-34258 – Adobe Commerce Stored XSS Arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-34258
16 Aug 2022 — Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker with admin privileges to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Adobe Commerce versiones 2.4.3-p2 (y anteriores), 2.3.7-p3 (y anteriores) y 2.4.4 (y anteriores) están afectadas po... • https://helpx.adobe.com/security/products/magento/apsb22-38.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 91%CPEs: 14EXPL: 10CVE-2022-24086 – Adobe Commerce and Magento Open Source Improper Input Validation Vulnerability
https://notcve.org/view.php?id=CVE-2022-24086
16 Feb 2022 — Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability during the checkout process. Exploitation of this issue does not require user interaction and could result in arbitrary code execution. Adobe Commerce versiones 2.4.3-p1 (y anteriores) y 2.3.7-p2 (y anteriores), están afectadas por una vulnerabilidad de comprobación de entrada inapropiada durante el proceso de compra. Una explotación de este problema no requiere la interacción... • https://github.com/Mr-xn/CVE-2022-24086 • CWE-20: Improper Input Validation •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2021-32759 – Data Flow Sanitation Issue Fix
https://notcve.org/view.php?id=CVE-2021-32759
27 Aug 2021 — OpenMage magento-lts is an alternative to the Magento CE official releases. Due to missing sanitation in data flow in versions prior to 19.4.15 and 20.0.13, it was possible for admin users to upload arbitrary executable files to the server. OpenMage versions 19.4.15 and 20.0.13 have a patch for this Issue. OpenMage magento-lts es una alternativa a las versiones oficiales de Magento CE. Debido a una falta de saneamiento en el flujo de datos en las versiones anteriores a 19.4.15 y 20.0.13, era posible que los... • https://github.com/OpenMage/magento-lts/releases/tag/v19.4.15 • CWE-20: Improper Input Validation •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2021-21427 – Backport for CVE-2021-21024 Blind SQLi from Magento 2
https://notcve.org/view.php?id=CVE-2021-21427
21 Apr 2021 — Magento-lts is a long-term support alternative to Magento Community Edition (CE). A vulnerability in magento-lts versions before 19.4.13 and 20.0.9 potentially allows an administrator unauthorized access to restricted resources. This is a backport of CVE-2021-21024. The vulnerability is patched in versions 19.4.13 and 20.0.9. Magento-lts es una alternativa de soporte a largo plazo a Magento Community Edition (CE). • https://github.com/OpenMage/magento-lts/security/advisories/GHSA-fvrf-9428-527m • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-21426 – Fixes a bug in Zend Framework's Stream HTTP Wrapper
https://notcve.org/view.php?id=CVE-2021-21426
21 Apr 2021 — Magento-lts is a long-term support alternative to Magento Community Edition (CE). In magento-lts versions 19.4.12 and prior and 20.0.8 and prior, there is a vulnerability caused by the unsecured deserialization of an object. A patch in versions 19.4.13 and 20.0.9 was back ported from Zend Framework 3. The vulnerability was assigned CVE-2021-3007 in Zend Framework. Magento-lts es una alternativa de soporte a largo plazo a Magento Community Edition (CE). • https://github.com/OpenMage/magento-lts/security/advisories/GHSA-m496-x567-f98c • CWE-502: Deserialization of Untrusted Data •
CVSS: 8.0EPSS: 0%CPEs: 2EXPL: 0CVE-2020-15244 – RCE in Magento
https://notcve.org/view.php?id=CVE-2020-15244
21 Oct 2020 — In Magento (rubygems openmage/magento-lts package) before versions 19.4.8 and 20.0.4, an admin user can generate soap credentials that can be used to trigger RCE via PHP Object Injection through product attributes and a product. The issue is patched in versions 19.4.8 and 20.0.4. En Magento (paquete rubygems openmage/magento-lts) versiones anteriores a 19.4.8 y 20.0.4, un usuario administrador puede generar credenciales soap que pueden ser usadas para activar una RCE por medio de la inyección de objetos PHP... • https://github.com/OpenMage/magento-lts • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-502: Deserialization of Untrusted Data •