Adobe

Magento

161 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.22%
  • Veröffentlicht 15.06.2023 19:15:11
  • Zuletzt bearbeitet 21.11.2024 07:56:49

Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by a Improper Neutralization of Special Elements Used in a Template Engine vulnerability that could lead to arbitrary code execution by an adm...

  • EPSS 0.92%
  • Veröffentlicht 15.06.2023 19:15:10
  • Zuletzt bearbeitet 21.11.2024 07:44:23

Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to l...

  • EPSS 0.64%
  • Veröffentlicht 15.06.2023 19:15:10
  • Zuletzt bearbeitet 21.11.2024 07:56:48

Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an Information Exposure vulnerability that could lead to a security feature bypass. An attacker could leverage this vulnerability to leak m...

  • EPSS 0.59%
  • Veröffentlicht 15.06.2023 19:15:10
  • Zuletzt bearbeitet 21.11.2024 07:56:48

Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A privileged attacker could leverage this vulnerab...

  • EPSS 0.79%
  • Veröffentlicht 15.06.2023 19:15:10
  • Zuletzt bearbeitet 21.11.2024 07:56:48

Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an XML Injection vulnerability. An attacker with low privileges can trigger a specially crafted script to a security feature bypass. Exploi...

  • EPSS 0.57%
  • Veröffentlicht 15.06.2023 19:15:10
  • Zuletzt bearbeitet 21.11.2024 07:56:48

Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to b...

  • EPSS 0.99%
  • Veröffentlicht 15.06.2023 19:15:10
  • Zuletzt bearbeitet 21.11.2024 07:56:48

Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. An admin-privilege authenticated attacker...

  • EPSS 0.86%
  • Veröffentlicht 15.06.2023 19:15:10
  • Zuletzt bearbeitet 21.11.2024 07:56:48

Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. An admin-privilege authenticated attacker...

Warnung
  • EPSS 99.2%
  • Veröffentlicht 16.02.2022 17:15:13
  • Zuletzt bearbeitet 23.10.2025 14:51:16

Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability during the checkout process. Exploitation of this issue does not require user interaction and could result in arbitra...

  • EPSS 3.18%
  • Veröffentlicht 13.01.2021 23:15:14
  • Zuletzt bearbeitet 21.11.2024 05:47:24

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an insecure direct object vulnerability (IDOR) in the customer API module. Successful exploitation could lead to sensitive information disclosure a...