📦 Magento Open Source

CVE-2022-24093 is an improper input validation vulnerability in Adobe Commerce (formerly Magento) that allows authenticated attackers to execute arbitrary code on affected systems. This affects Adobe ...

This CVE describes an XML injection vulnerability in Magento Commerce that allows authenticated attackers with admin privileges to execute arbitrary code remotely. The vulnerability affects Magento Co...

CVE-2021-36025 is an improper input validation vulnerability in Adobe Magento Commerce that allows authenticated attackers with admin privileges to upload specially crafted files and achieve remote co...

CVE-2023-22247 is an XML injection vulnerability in Adobe Commerce that allows unauthenticated attackers to read arbitrary files from the server. This affects Adobe Commerce versions 2.4.4-p2 and earl...

This CVE describes an XML injection vulnerability in Magento Commerce's 'City' field that allows unauthenticated attackers to execute arbitrary code remotely. It affects Magento Commerce versions 2.4....

CVE-2023-22250 is an improper access control vulnerability in Adobe Commerce that allows attackers to bypass security features and potentially disrupt minor functionality. This affects Adobe Commerce ...