|
201011
|
5.6 |
MEDIUM
Network
|
magento
|
magento
|
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) do not adequately invalidate user sessions. Successful exploitation of this issue could lead to unauthorized acces…
|
-
|
CVE-2021-21032
|
2024-11-21 14:47 |
2021-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201012
|
5.6 |
MEDIUM
Network
|
magento
|
magento
|
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) do not adequately invalidate user sessions. Successful exploitation could lead to unauthorized access to restricte…
|
-
|
CVE-2021-21031
|
2024-11-21 14:47 |
2021-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201013
|
8.1 |
HIGH
Network
|
magento
|
magento
|
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to a stored cross-site scripting (XSS) in the customer address upload feature. Successful exploitat…
|
-
|
CVE-2021-21030
|
2024-11-21 14:47 |
2021-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201014
|
4.8 |
MEDIUM
Network
|
magento
|
magento
|
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are affected by a Reflected Cross-site Scripting vulnerability via 'file' parameter. Successful exploitation could…
|
-
|
CVE-2021-21029
|
2024-11-21 14:47 |
2021-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201015
|
8.8 |
HIGH
Network
|
adobe
|
acrobat
acrobat_dc
acrobat_reader
acrobat_reader_dc
|
Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated atta…
|
-
|
CVE-2021-21028
|
2024-11-21 14:47 |
2021-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201016
|
4.3 |
MEDIUM
Network
|
magento
|
magento
|
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are affected by a cross-site request forgery (CSRF) vulnerability via the GraphQL API. Successful exploitation cou…
|
-
|
CVE-2021-21027
|
2024-11-21 14:47 |
2021-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201017
|
5.3 |
MEDIUM
Network
|
magento
|
magento
|
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are affected by an improper authorization vulnerability in the integrations module. Successful exploitation could …
|
NVD-CWE-Other
|
CVE-2021-21026
|
2024-11-21 14:47 |
2021-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201018
|
9.1 |
CRITICAL
Network
|
magento
|
magento
|
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to XML injection in the product layout updates. Successful exploitation could lead to arbitrary cod…
|
-
|
CVE-2021-21025
|
2024-11-21 14:47 |
2021-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201019
|
9.1 |
CRITICAL
Network
|
magento
|
magento
|
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are affected by a blind SQL injection vulnerability in the Search module. Successful exploitation could lead to un…
|
-
|
CVE-2021-21024
|
2024-11-21 14:47 |
2021-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201020
|
4.8 |
MEDIUM
Network
|
magento
|
magento
|
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to a stored cross-site scripting vulnerability in the admin console. Successful exploitation could …
|
CWE-79
Cross-site Scripting
|
CVE-2021-21023
|
2024-11-21 14:47 |
2021-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
