Exposición de Magento
CMS, Ecommerce312
score de exposición
34.078
sitios usan
2
en explotación
28
críticos
CVEs
285 resultadosCVE-2022-24086CRITICALAdobe Commerce checkout improper input validation leads to remote code executionEPSS 99.2%KEVCVE-2026-45247CRITICALMirasvit Cache Warmer for Magento < 1.11.12 PHP Object InjectionEPSS 27.5%KEVCVE-2021-21029MEDIUMMagento Commerce Reflected Cross-site Scripting Vulnerability Could Lead To Arbitrary JavaScript ExecutionEPSS 84.7%CVE-2022-34258MEDIUMAdobe Commerce Stored XSS Arbitrary code executionEPSS 68.3%CVE-2023-22249MEDIUMAdobe Commerce Stored XSS Arbitrary code executionEPSS 57.4%CVE-2019-7139—An unauthenticated user can execute SQL statements that allow arbitrary read access to the underlying database, which causes sensitive data EPSS 17.4%CVE-2020-3716—Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a deserialization of untrusted daEPSS 14.0%CVE-2022-35698CRITICALAdobe Commerce Stored XSS Arbitrary code executionEPSS 9.7%CVE-2021-21064MEDIUMMagento UPWARD-php Path traversal vulnerability via UPWARD ConnectorEPSS 8.5%CVE-2020-9664—Magento versions 1.14.4.5 and earlier, and 1.9.4.5 and earlier have a php object injection vulnerability. Successful exploitation could leadEPSS 8.4%CVE-2020-3718—Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a security bypass vulnerability. EPSS 7.5%CVE-2020-9631—Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation EPSS 7.4%CVE-2020-9632—Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation EPSS 7.4%CVE-2020-9691—Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a dom-based cross-site scripting vulnerability. Successful exploitationEPSS 6.0%CVE-2020-9578—Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vuEPSS 5.7%CVE-2020-9583—Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vuEPSS 5.7%CVE-2020-9576—Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vuEPSS 5.7%CVE-2020-9582—Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vuEPSS 5.7%CVE-2021-21030HIGHMagento Commerce Stored Cross-site Scripting Could Lead To Arbitrary Javascript ExecutionEPSS 5.6%CVE-2020-24407CRITICALArbitrary code execution via file import functionalityEPSS 5.5%
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →