|
212511
|
7.2 |
HIGH
Network
|
magento
|
magento
|
A server-side request forgery (SSRF) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by authenticated user with admi…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2019-7923
|
2024-11-21 13:48 |
2019-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212512
|
5.4 |
MEDIUM
Network
|
magento
|
magento
|
A stored cross-site scripting vulnerability exists in the product catalog form of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an au…
|
CWE-79
Cross-site Scripting
|
CVE-2019-7921
|
2024-11-21 13:48 |
2019-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212513
|
7.5 |
HIGH
Network
|
magento
|
magento
|
A denial-of-service vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. Under certain conditions, an unauthenticated attacker could force the …
|
NVD-CWE-noinfo
|
CVE-2019-7915
|
2024-11-21 13:48 |
2019-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212514
|
7.2 |
HIGH
Network
|
magento
|
magento
|
A server-side request forgery (SSRF) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with a…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2019-7913
|
2024-11-21 13:48 |
2019-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212515
|
7.2 |
HIGH
Network
|
magento
|
magento
|
A file upload filter bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with admin privileges to edit…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2019-7912
|
2024-11-21 13:48 |
2019-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212516
|
7.2 |
HIGH
Network
|
magento
|
magento
|
A server-side request forgery (SSRF) vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Mag…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2019-7911
|
2024-11-21 13:48 |
2019-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212517
|
4.8 |
MEDIUM
Network
|
magento
|
magento
|
A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior t…
|
CWE-79
Cross-site Scripting
|
CVE-2019-7909
|
2024-11-21 13:48 |
2019-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212518
|
4.8 |
MEDIUM
Network
|
magento
|
magento
|
A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticat…
|
CWE-79
Cross-site Scripting
|
CVE-2019-7908
|
2024-11-21 13:48 |
2019-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212519
|
6.5 |
MEDIUM
Network
|
magento
|
magento
|
Insufficient enforcement of user access controls in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 could enable a low-privileged user to make unauthorized environ…
|
NVD-CWE-noinfo
|
CVE-2019-7904
|
2024-11-21 13:48 |
2019-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212520
|
7.2 |
HIGH
Network
|
magento
|
magento
|
A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to email templates can…
|
NVD-CWE-noinfo
|
CVE-2019-7903
|
2024-11-21 13:48 |
2019-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
