Magento

Magento is an Open Source ecommerce web application launched on March 31 2008. It was created by Varien building on components of the Zend Framework.

Official Site:

https://magento.com/

Severity Summary:

Critical: 33 High: 70 Medium: 116 Low: 4
Reference
Title
Severity
Magento External Entity Injection (XXE) Vulnerability
Critical
Magento Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Critical
Magento Unrestricted Upload of File with Dangerous Type Vulnerability
Critical
Magento Vulnerability
Critical
Magento Vulnerability
Critical
Magento Deserialization of Untrusted Data Vulnerability
Critical
Magento XML Injection (aka Blind XPath Injection) Vulnerability
Critical
Magento Incorrect Authorization Vulnerability
Critical
Magento Improper Input Validation Vulnerability
Critical
Magento Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
Critical
Magento Vulnerability
Critical
Magento Unrestricted Upload of File with Dangerous Type Vulnerability
Critical
Magento Vulnerability
Critical
Magento Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Critical
Magento Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Critical
Magento Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
Critical
Magento Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
Critical
Magento Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
Critical
Magento Vulnerability
Critical
Magento Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
Critical
Magento Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Critical
Magento XML Injection (aka Blind XPath Injection) Vulnerability
Critical
Magento Improper Control of Generation of Code (Code Injection) Vulnerability
Critical
Magento Vulnerability
Critical
Magento Vulnerability
Critical
Magento Improper Privilege Management Vulnerability
Critical
Magento Vulnerability
Critical
Magento XML Injection (aka Blind XPath Injection) Vulnerability
Critical
Magento Insufficient Session Expiration Vulnerability
Critical
Magento Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
Critical