Mark Lewis

4 exploits Active since Oct 2020
CVE-2020-15244 WRITEUP HIGH WRITEUP
Magento <19.4.8-20.0.4 - Code Injection
In Magento (rubygems openmage/magento-lts package) before versions 19.4.8 and 20.0.4, an admin user can generate soap credentials that can be used to trigger RCE via PHP Object Injection through product attributes and a product. The issue is patched in versions 19.4.8 and 20.0.4.
CVSS 8.0
CVE-2021-39217 WRITEUP HIGH WRITEUP
OpenMage LTS < 19.4.22 - Authenticated Remote Code Execution via Custom Layout Block Methods
OpenMage LTS is an e-commerce platform. Prior to versions 19.4.22 and 20.0.19, Custom Layout enabled admin users to execute arbitrary commands via block methods. Versions 19.4.22 and 20.0.19 contain patches for this issue.
CVSS 7.2
CVE-2021-41144 WRITEUP HIGH WRITEUP
OpenMage Magento < 19.4.22 - Remote Code Execution via Layout Block Bypass
OpenMage LTS is an e-commerce platform. Prior to versions 19.4.22 and 20.0.19, a layout block was able to bypass the block blacklist to execute remote code. Versions 19.4.22 and 20.0.19 contain a patch for this issue.
CVSS 8.8
CVE-2021-41231 WRITEUP HIGH WRITEUP
OpenMage Magento < 19.4.22 - Authenticated Arbitrary Code Execution via DataFlow Convert Profile
OpenMage LTS is an e-commerce platform. Prior to versions 19.4.22 and 20.0.19, an administrator with the permissions to upload files via DataFlow and to create products was able to execute arbitrary code via the convert profile. Versions 19.4.22 and 20.0.19 contain a patch for this issue.
CVSS 7.2