Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / magento

magento

380 tracked vulnerabilities.

CVE-2021-36041 CRITICAL

Adobe Commerce/Magento Open Source <=2.4.2-p1 - Admin pub/media Upload Code Execution

CVE-2021-36040 CRITICAL

Adobe Commerce/Magento Open Source <=2.4.2-p1 - Admin File Extension Bypass Code Execution

CVE-2021-36039 MEDIUM

Magento Commerce <2.4.2-2.3.7 - Info Disclosure

CVE-2021-36038 MEDIUM

Magento Commerce <2.4.2-2.3.7 - Info Disclosure

CVE-2021-36037 MEDIUM

Magento Commerce <2.4.2-2.3.7 - Info Disclosure

CVE-2021-36034 CRITICAL

Adobe Commerce/Magento Open Source <=2.4.2-p1 - Admin File Upload Code Execution

CVE-2021-36033 CRITICAL

Magento Commerce <2.4.2-2.3.7 - Code Injection

CVE-2021-36032 HIGH

Magento Commerce <2.4.2-2.3.7 - Privilege Escalation

CVE-2021-36031 HIGH

Magento Commerce <2.4.2-2.3.7 - Path Traversal

CVE-2021-36030 HIGH

Magento Commerce <2.4.2-2.3.7 - Info Disclosure

CVE-2021-36029 CRITICAL

Adobe Commerce/Magento Open Source <=2.4.2-p1 - Admin Authorization Bypass Code Execution

CVE-2021-36028 CRITICAL

Magento Commerce <2.4.2-2.3.7 - Code Injection

CVE-2021-36027 MEDIUM

Magento Commerce <2.4.2-2.3.7 - XSS

CVE-2021-36026 MEDIUM

Magento Commerce <2.4.2-2.3.7 - XSS

CVE-2021-36025 CRITICAL

Adobe Commerce/Magento Open Source <=2.4.2-p1 - Admin Customer File Code Execution

CVE-2021-36024 CRITICAL

Adobe Commerce/Magento Open Source <=2.4.2-p1 - Admin Data Collection Command Execution

CVE-2021-36022 CRITICAL

Magento Commerce <2.4.2-2.3.7 - Code Injection

CVE-2021-36020 HIGH

Magento Commerce <2.4.2-2.3.7 - Code Injection

CVE-2021-36012 MEDIUM

Magento Commerce <2.4.2-2.3.7 - Privilege Escalation

CVE-2021-28585 MEDIUM

Magento < 2.3.6 and 2.4.0-2.4.2-p1 - Improper Input Validation in New Customer WebAPI

CVE-2021-28584 MEDIUM

Magento < 2.3.6 and 2.4.0-2.4.2-p1 - Authenticated Path Traversal and Arbitrary File Write via Child Theme Creation

CVE-2021-28583 HIGH

Magento <2.4.2, 2.4.1-p1, 2.3.6-p1 - Info Disclosure

CVE-2021-28563 MEDIUM

Magento < 2.3.7, 2.4.0-2.4.2-p1 - Unauthenticated Improper Authorization via Create Customer Endpoint

CVE-2021-28556 MEDIUM

Magento < 2.3.7, 2.4.0-2.4.2-p1 - Unauthenticated DOM-based Cross-Site Scripting via mage-messages Cookie

CVE-2021-21064 MEDIUM

Magento UPWARD-php <1.1.4 - Path Traversal

Previous Page 7 of 16 Next

Products

community-edition 355 magento 221 project-community-edition 161 core 24 product-community-edition 4 advanced_newsletter 1 magento1ce 1 magento1ee 1 magento2 1 upward_connector 1 upward_php 1

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy