Magento
by Magento
Source repositories
CVEs (23)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-4010 | Cri | 0.74 | 9.8 | 0.93 | Jan 23, 2017 | Magento CE and EE before 2.0.6 allows remote attackers to conduct PHP objection injection attacks and execute arbitrary PHP code via crafted serialized shopping cart data. | ||
| CVE-2015-8707 | Cri | 0.64 | 9.8 | 0.01 | Sep 26, 2017 | Password reset tokens in Magento CE before 1.9.2.2, and Magento EE before 1.14.2.2 are passed via a GET request and not canceled after use, which allows remote attackers to obtain user passwords via a crafted external service with access to the referrer field. | ||
| CVE-2025-23465 | Hig | 0.46 | 7.1 | 0.00 | Mar 3, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in magent Vampire Character Manager vampire-character allows Reflected XSS.This issue affects Vampire Character Manager: from n/a through <= 2.13. | ||
| CVE-2016-10704 | Med | 0.40 | 6.1 | 0.01 | Dec 30, 2017 | Magento Community Edition and Enterprise Edition before 2.0.10 and 2.1.x before 2.1.2 have XSS via e-mail templates that are mishandled during a preview, aka APPSEC-1503. | ||
| CVE-2014-9758 | Med | 0.40 | 6.1 | 0.01 | Sep 20, 2017 | Cross-site scripting (XSS) vulnerability in Magento E-Commerce Platform 1.9.0.1. | ||
| CVE-2016-2212 | Med | 0.35 | 5.3 | 0.03 | Apr 15, 2016 | The getOrderByStatusUrlKey function in the Mage_Rss_Helper_Order class in app/code/core/Mage/Rss/Helper/Order.php in Magento Enterprise Edition before 1.14.2.3 and Magento Community Edition before 1.9.2.3 allows remote attackers to obtain sensitive order information via the… | ||
| CVE-2015-1397 | 0.08 | — | 0.57 | Apr 29, 2015 | SQL injection vulnerability in the getCsvFile function in the Mage_Adminhtml_Block_Widget_Grid class in Magento Community Edition (CE) 1.9.1.0 and Enterprise Edition (EE) 1.14.1.0 allows remote administrators to execute arbitrary SQL commands via the popularity[field_expr]… | |||
| CVE-2019-7139 | 0.05 | — | 0.15 | Apr 10, 2019 | An unauthenticated user can execute SQL statements that allow arbitrary read access to the underlying database, which causes sensitive data leakage. This issue is fixed in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. | |||
| CVE-2009-0541 | 0.03 | — | 0.02 | Feb 25, 2009 | Multiple cross-site scripting (XSS) vulnerabilities in Magento 1.2.0 and 1.2.1.1 allow remote attackers to inject arbitrary web script or HTML via (1) the username field in an admin/ request to index.php, possibly related to the login[username] parameter and the… | |||
| CVE-2015-3457 | 0.02 | — | 0.25 | Apr 29, 2015 | Magento Community Edition (CE) 1.9.1.0 and Enterprise Edition (EE) 1.14.1.0 allow remote attackers to bypass authentication via the forwarded parameter. | |||
| CVE-2015-1399 | 0.01 | — | 0.10 | Apr 29, 2015 | PHP remote file inclusion vulnerability in the fetchView function in the Mage_Core_Block_Template_Zend class in Magento Community Edition (CE) 1.9.1.0 and Enterprise Edition (EE) 1.14.1.0 allows remote administrators to execute arbitrary PHP code via a URL in unspecified vectors… | |||
| CVE-2015-1398 | 0.01 | — | 0.14 | Apr 29, 2015 | Multiple directory traversal vulnerabilities in Magento Community Edition (CE) 1.9.1.0 and Enterprise Edition (EE) 1.14.1.0 allow remote authenticated users to include and execute certain PHP files via (1) .. (dot dot) sequences in the PATH_INFO to index.php or (2) vectors… | |||
| CVE-2021-21064 | 0.00 | — | 0.09 | Feb 25, 2021 | Magento UPWARD-php version 1.1.4 (and earlier) is affected by a Path traversal vulnerability in Magento UPWARD Connector version 1.1.2 (and earlier) due to the upload feature. An attacker could potentially exploit this vulnerability to upload a malicious YAML file that can… | |||
| CVE-2014-1634 | 0.00 | — | 0.01 | Mar 9, 2020 | SQL Injection exists in Advanced Newsletter Magento extension before 2.3.5 via the /store/advancednewsletter/index/subscribeajax/an_category_id/ PATH_INFO. | |||
| CVE-2012-6091 | 0.00 | — | 0.02 | Feb 13, 2020 | Zend_XmlRpc Class in Magento before 1.7.0.2 contains an information disclosure vulnerability. | |||
| CVE-2019-8155 | 0.00 | — | 0.01 | Nov 5, 2019 | Magento prior to 1.9.4.3 and prior to 1.14.4.3 included a user's CSRF token in the URL of a GET request. This could be exploited by an attacker with access to network traffic to perform unauthorized actions. | |||
| CVE-2019-8125 | 0.00 | — | 0.02 | Nov 5, 2019 | A remote code execution vulnerability exists in Magento 1 prior to 1.9.x and 1.14.x. An authenticated admin user can modify configuration parameters via crafted support configuration. The modification can lead to remote code execution. | |||
| CVE-2019-8116 | 0.00 | — | 0.02 | Nov 5, 2019 | Insecure authentication and session management vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An unauthenticated user can leverage a guest session id value following a successful login to gain access to customer account index page. | |||
| CVE-2019-8091 | 0.00 | — | 0.02 | Nov 5, 2019 | A remote code execution vulnerability exists in Magento 1 prior to 1.9.4.3 and 1.14.4.3. An authenticated admin user with privileges to access product attributes can leverage layout updates to trigger remote code execution. | |||
| CVE-2019-8235 | 0.00 | — | 0.02 | Oct 29, 2019 | An insecure direct object reference (IDOR) vulnerability exists in Magento 2.3 prior to 2.3.1, 2.2 prior to 2.2.8, and 2.1 prior to 2.1.17 versions. An authenticated user may be able to view personally identifiable shipping details of another user due to insufficient validation… |
- risk 0.74cvss 9.8epss 0.93
Magento CE and EE before 2.0.6 allows remote attackers to conduct PHP objection injection attacks and execute arbitrary PHP code via crafted serialized shopping cart data.
- risk 0.64cvss 9.8epss 0.01
Password reset tokens in Magento CE before 1.9.2.2, and Magento EE before 1.14.2.2 are passed via a GET request and not canceled after use, which allows remote attackers to obtain user passwords via a crafted external service with access to the referrer field.
- risk 0.46cvss 7.1epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in magent Vampire Character Manager vampire-character allows Reflected XSS.This issue affects Vampire Character Manager: from n/a through <= 2.13.
- risk 0.40cvss 6.1epss 0.01
Magento Community Edition and Enterprise Edition before 2.0.10 and 2.1.x before 2.1.2 have XSS via e-mail templates that are mishandled during a preview, aka APPSEC-1503.
- risk 0.40cvss 6.1epss 0.01
Cross-site scripting (XSS) vulnerability in Magento E-Commerce Platform 1.9.0.1.
- risk 0.35cvss 5.3epss 0.03
The getOrderByStatusUrlKey function in the Mage_Rss_Helper_Order class in app/code/core/Mage/Rss/Helper/Order.php in Magento Enterprise Edition before 1.14.2.3 and Magento Community Edition before 1.9.2.3 allows remote attackers to obtain sensitive order information via the…
- CVE-2015-1397Apr 29, 2015risk 0.08cvss —epss 0.57
SQL injection vulnerability in the getCsvFile function in the Mage_Adminhtml_Block_Widget_Grid class in Magento Community Edition (CE) 1.9.1.0 and Enterprise Edition (EE) 1.14.1.0 allows remote administrators to execute arbitrary SQL commands via the popularity[field_expr]…
- CVE-2019-7139Apr 10, 2019risk 0.05cvss —epss 0.15
An unauthenticated user can execute SQL statements that allow arbitrary read access to the underlying database, which causes sensitive data leakage. This issue is fixed in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2.
- CVE-2009-0541Feb 25, 2009risk 0.03cvss —epss 0.02
Multiple cross-site scripting (XSS) vulnerabilities in Magento 1.2.0 and 1.2.1.1 allow remote attackers to inject arbitrary web script or HTML via (1) the username field in an admin/ request to index.php, possibly related to the login[username] parameter and the…
- CVE-2015-3457Apr 29, 2015risk 0.02cvss —epss 0.25
Magento Community Edition (CE) 1.9.1.0 and Enterprise Edition (EE) 1.14.1.0 allow remote attackers to bypass authentication via the forwarded parameter.
- CVE-2015-1399Apr 29, 2015risk 0.01cvss —epss 0.10
PHP remote file inclusion vulnerability in the fetchView function in the Mage_Core_Block_Template_Zend class in Magento Community Edition (CE) 1.9.1.0 and Enterprise Edition (EE) 1.14.1.0 allows remote administrators to execute arbitrary PHP code via a URL in unspecified vectors…
- CVE-2015-1398Apr 29, 2015risk 0.01cvss —epss 0.14
Multiple directory traversal vulnerabilities in Magento Community Edition (CE) 1.9.1.0 and Enterprise Edition (EE) 1.14.1.0 allow remote authenticated users to include and execute certain PHP files via (1) .. (dot dot) sequences in the PATH_INFO to index.php or (2) vectors…
- CVE-2021-21064Feb 25, 2021risk 0.00cvss —epss 0.09
Magento UPWARD-php version 1.1.4 (and earlier) is affected by a Path traversal vulnerability in Magento UPWARD Connector version 1.1.2 (and earlier) due to the upload feature. An attacker could potentially exploit this vulnerability to upload a malicious YAML file that can…
- CVE-2014-1634Mar 9, 2020risk 0.00cvss —epss 0.01
SQL Injection exists in Advanced Newsletter Magento extension before 2.3.5 via the /store/advancednewsletter/index/subscribeajax/an_category_id/ PATH_INFO.
- CVE-2012-6091Feb 13, 2020risk 0.00cvss —epss 0.02
Zend_XmlRpc Class in Magento before 1.7.0.2 contains an information disclosure vulnerability.
- CVE-2019-8155Nov 5, 2019risk 0.00cvss —epss 0.01
Magento prior to 1.9.4.3 and prior to 1.14.4.3 included a user's CSRF token in the URL of a GET request. This could be exploited by an attacker with access to network traffic to perform unauthorized actions.
- CVE-2019-8125Nov 5, 2019risk 0.00cvss —epss 0.02
A remote code execution vulnerability exists in Magento 1 prior to 1.9.x and 1.14.x. An authenticated admin user can modify configuration parameters via crafted support configuration. The modification can lead to remote code execution.
- CVE-2019-8116Nov 5, 2019risk 0.00cvss —epss 0.02
Insecure authentication and session management vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An unauthenticated user can leverage a guest session id value following a successful login to gain access to customer account index page.
- CVE-2019-8091Nov 5, 2019risk 0.00cvss —epss 0.02
A remote code execution vulnerability exists in Magento 1 prior to 1.9.4.3 and 1.14.4.3. An authenticated admin user with privileges to access product attributes can leverage layout updates to trigger remote code execution.
- CVE-2019-8235Oct 29, 2019risk 0.00cvss —epss 0.02
An insecure direct object reference (IDOR) vulnerability exists in Magento 2.3 prior to 2.3.1, 2.2 prior to 2.2.8, and 2.1 prior to 2.1.17 versions. An authenticated user may be able to view personally identifiable shipping details of another user due to insufficient validation…
Page 1 of 2