Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

E-Commerce

Magento

Magento is an Open Source ecommerce web application launched on March 31 2008. It was created by Varien building on components of the Zend Framework.

Official Site:

https://magento.com/

Severity Summary:

Critical: 33 High: 70 Medium: 116 Low: 4
Reference
Title
Severity
CVE-2019-7944
Magento Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-7940
Magento Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-7938
Magento Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-7929
Magento Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2019-7937
Magento Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-7936
Magento Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-7935
Magento Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-7934
Magento Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-7926
Magento Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-24403
Magento Improper Authorization Vulnerability
Low
CVE-2020-24404
Magento Improper Authorization Vulnerability
Low
CVE-2021-28566
Magento Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Low
CVE-2020-24406
Magento Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Low