Show filters
229 Total Results
Displaying 51-60 of 229
Sort by:
Attacker Value
Unknown
CVE-2020-9665
Disclosure Date: July 22, 2020 (last updated February 21, 2025)
Magento versions 1.14.4.5 and earlier, and 1.9.4.5 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
0
Attacker Value
Unknown
CVE-2020-9664
Disclosure Date: July 22, 2020 (last updated February 21, 2025)
Magento versions 1.14.4.5 and earlier, and 1.9.4.5 and earlier have a php object injection vulnerability. Successful exploitation could lead to arbitrary code execution.
0
Attacker Value
Unknown
CVE-2020-13423
Disclosure Date: June 29, 2020 (last updated February 21, 2025)
Form Builder 2.1.0 for Magento has multiple XSS issues that can be exploited against Magento 2 admin accounts via the Current_url or email field, or the User-Agent HTTP header.
0
Attacker Value
Unknown
CVE-2020-9587
Disclosure Date: June 26, 2020 (last updated November 28, 2024)
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an authorization bypass vulnerability. Successful exploitation could lead to potentially unauthorized product discounts.
0
Attacker Value
Unknown
CVE-2020-9581
Disclosure Date: June 26, 2020 (last updated February 21, 2025)
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
0
Attacker Value
Unknown
CVE-2020-9630
Disclosure Date: June 26, 2020 (last updated November 28, 2024)
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a business logic error vulnerability. Successful exploitation could lead to privilege escalation.
0
Attacker Value
Unknown
CVE-2020-9584
Disclosure Date: June 26, 2020 (last updated February 21, 2025)
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
0
Attacker Value
Unknown
CVE-2020-9582
Disclosure Date: June 26, 2020 (last updated February 21, 2025)
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.
0
Attacker Value
Unknown
CVE-2020-9583
Disclosure Date: June 26, 2020 (last updated February 21, 2025)
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.
0
Attacker Value
Unknown
CVE-2020-9576
Disclosure Date: June 26, 2020 (last updated February 21, 2025)
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.
0
