Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

E-Commerce

Magento

Magento is an Open Source ecommerce web application launched on March 31 2008. It was created by Varien building on components of the Zend Framework.

Official Site:

https://magento.com/

Severity Summary:

Critical: 33 High: 70 Medium: 116 Low: 4
Reference
Title
Severity
CVE-2019-8228
Magento Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-8227
Magento Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-8115
Magento Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-8113
Magento Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability
Medium
CVE-2019-8108
Magento Improper Authentication Vulnerability
Medium
CVE-2019-7889
Magento Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
Medium
CVE-2019-7909
Magento Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-7908
Magento Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-7904
Magento Vulnerability
Medium
CVE-2019-7899
Magento Improper Input Validation Vulnerability
Medium
CVE-2019-7898
Magento Improper Input Validation Vulnerability
Medium
CVE-2019-7897
Magento Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-7888
Magento Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2019-7925
Magento Authorization Bypass Through User-Controlled Key Vulnerability
Medium
CVE-2019-7887
Magento Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-7882
Magento Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-7881
Magento Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-7880
Magento Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-7877
Magento Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-7875
Magento Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-7874
Magento Cross-Site Request Forgery (CSRF) Vulnerability
Medium
CVE-2019-7921
Magento Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-7927
Magento Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-8107
Magento Vulnerability
Medium
CVE-2019-7939
Magento Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-8092
Magento Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-8090
Magento Vulnerability
Medium
CVE-2019-8235
Magento Authorization Bypass Through User-Controlled Key Vulnerability
Medium
CVE-2019-7947
Magento Cross-Site Request Forgery (CSRF) Vulnerability
Medium
CVE-2019-7945
Magento Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium