Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

E-Commerce

Magento

Magento is an Open Source ecommerce web application launched on March 31 2008. It was created by Varien building on components of the Zend Framework.

Official Site:

https://magento.com/

Severity Summary:

Critical: 33 High: 70 Medium: 116 Low: 4
Reference
Title
Severity
CVE-2020-9585
Magento Vulnerability
Critical
CVE-2020-9583
Magento Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
Critical
CVE-2020-9582
Magento Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
Critical
CVE-2019-8114
Magento Unrestricted Upload of File with Dangerous Type Vulnerability
High
CVE-2019-8109
Magento Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2019-8110
Magento Vulnerability
High
CVE-2019-8093
Magento Unrestricted Upload of File with Dangerous Type Vulnerability
High
CVE-2019-8091
Magento Vulnerability
High
CVE-2019-8116
Magento Session Fixation Vulnerability
High
CVE-2019-8112
Magento Insufficient Verification of Data Authenticity Vulnerability
High
CVE-2019-7951
Magento Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
High
CVE-2019-7950
Magento Authorization Bypass Through User-Controlled Key Vulnerability
High
CVE-2020-15151
Magento Observable Differences in Behavior to Error Inputs Vulnerability
High
CVE-2019-8111
Magento Vulnerability
High
CVE-2021-21030
Magento Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
High
CVE-2019-7915
Magento Vulnerability
High
CVE-2019-7942
Magento Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2019-7896
Magento Vulnerability
High
CVE-2019-7876
Magento Vulnerability
High
CVE-2019-7865
Magento Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2019-7885
Magento Improper Input Validation Vulnerability
High
CVE-2019-7886
Magento Cryptographic Issues Vulnerability
High
CVE-2019-7861
Magento Unrestricted Upload of File with Dangerous Type Vulnerability
High
CVE-2019-7860
Magento Cryptographic Issues Vulnerability
High
CVE-2019-7859
Magento Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
High
CVE-2019-7890
Magento Authorization Bypass Through User-Controlled Key Vulnerability
High
CVE-2019-7892
Magento Server-Side Request Forgery (SSRF) Vulnerability
High
CVE-2019-7895
Magento Vulnerability
High
CVE-2019-7858
Magento Cryptographic Issues Vulnerability
High
CVE-2020-24400
Magento Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High