Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

E-Commerce

Magento

Magento is an Open Source ecommerce web application launched on March 31 2008. It was created by Varien building on components of the Zend Framework.

Official Site:

https://magento.com/

Severity Summary:

Critical: 33 High: 70 Medium: 116 Low: 4
Reference
Title
Severity
CVE-2019-7903
Magento Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2019-7854
Magento Authorization Bypass Through User-Controlled Key Vulnerability
High
CVE-2019-7911
Magento Server-Side Request Forgery (SSRF) Vulnerability
High
CVE-2019-7912
Magento Unrestricted Upload of File with Dangerous Type Vulnerability
High
CVE-2019-7913
Magento Server-Side Request Forgery (SSRF) Vulnerability
High
CVE-2019-7923
Magento Server-Side Request Forgery (SSRF) Vulnerability
High
CVE-2019-7849
Magento Session Fixation Vulnerability
High
CVE-2019-7928
Magento Vulnerability
High
CVE-2019-7930
Magento Unrestricted Upload of File with Dangerous Type Vulnerability
High
CVE-2019-7932
Magento Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2019-8119
Magento Vulnerability
High
CVE-2019-8122
Magento Vulnerability
High
CVE-2019-7871
Magento Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2020-3719
Magento Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2020-9588
Magento Observable Differences in Behavior to Error Inputs Vulnerability
High
CVE-2022-34255
Magento Incorrect Authorization Vulnerability
High
CVE-2022-42344
Magento Improper Input Validation Vulnerability
High
CVE-2019-8150
Magento Vulnerability
High
CVE-2019-8151
Magento Server-Side Request Forgery (SSRF) Vulnerability
High
CVE-2022-34253
Magento XML Injection (aka Blind XPath Injection) Vulnerability
High
CVE-2022-34254
Magento Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
High
CVE-2021-36021
Magento Vulnerability
High
CVE-2021-28584
Magento Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
High
CVE-2019-8154
Magento Inclusion of Functionality from Untrusted Control Sphere Vulnerability
High
CVE-2019-8155
Magento Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2019-8159
Magento Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
High
CVE-2019-8156
Magento Server-Side Request Forgery (SSRF) Vulnerability
High
CVE-2019-8229
Magento Vulnerability
High
CVE-2019-8230
Magento Vulnerability
High
CVE-2020-9591
Magento Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
High