VYPR

Openmage Lts

by Openmage

Source repositories

CVEs (3)

  • CVE-2020-26295Jan 21, 2021
    risk 0.00cvss epss 0.02

    OpenMage is a community-driven alternative to Magento CE. In OpenMage before versions 19.4.10 and 20.0.5, an administrator with permission to import/export data and to edit cms pages was able to inject an executable file on the server via layout xml. The latest OpenMage Versions…

  • CVE-2020-26285Jan 21, 2021
    risk 0.00cvss epss 0.03

    OpenMage is a community-driven alternative to Magento CE. In OpenMage before versions 19.4.10 and 20.0.5, there is a vulnerability which enables remote code execution. In affected versions an administrator with permission to import/export data and to create widget instances was…

  • CVE-2020-26252Jan 20, 2021
    risk 0.00cvss epss 0.02

    OpenMage is a community-driven alternative to Magento CE. In OpenMage before versions 19.4.10 and 20.0.6, there is a vulnerability which enables remote code execution. In affected versions an administrator with permission to update product data to be able to store an executable…