Magento Community-Edition vulnerabilities

355 known vulnerabilities affecting magento/community-edition.

Total CVEs: 355
CISA KEV: 3 (actively exploited)
Public exploits: 4
Exploited in wild: 3
Severity breakdown: CRITICAL 41, HIGH 105, MEDIUM 192, LOW 17

Vulnerabilities

Page 10 of 18
CVE-2019-7854 | HIGH | affected: ≥ 2.1.0, < 2.1.18; ≥ 2.2.0, < 2.2.9; +1 more | 2022-05-24
CVE-2019-7854 [HIGH] CWE-639 Magento 2 Community Edition IDOR Vulnerability. An insecure direct object reference (IDOR) vulnerability in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 can lead to unauthorized disclosure of company credit history details.
Sources: GHSA, OSV
CVE-2019-7928 | HIGH | affected: ≥ 2.1.0, < 2.1.18; ≥ 2.2.0, < 2.2.9; +1 more | 2022-05-24
CVE-2019-7928 [HIGH] Magento 2 Community Edition DoS vulnerability. A denial-of-service (DoS) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. By abusing insufficient brute-forcing defenses in the token exchange protocol, an unauthenticated attacker could disrupt transactions between the Magento merchant and PayPal.
Sources: GHSA, OSV
CVE-2019-7871 | HIGH | affected: ≥ 2.1.0, < 2.1.18; ≥ 2.2.0, < 2.2.9; +1 more | 2022-05-24
CVE-2019-7871 [HIGH] CWE-94 Magento 2 Community Edition Unsafe File Upload. A security bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 that could be abused to execute arbitrary PHP code. An authenticated user can bypass security protections that prevent arbitrary PHP script upload via form data injection.
Sources: GHSA, OSV
CVE-2019-8111 | HIGH | affected: ≥ 2.2.0, < 2.2.10; ≥ 2.3.0, < 2.3.2-p1 | 2022-05-24
CVE-2019-8111 [HIGH] Magento 2 Community Edition RCE Vulnerability. A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can leverage plugin functionality related to email templates to manipulate the interceptor class in a way that allows an attacker to execute arbitrary code.
Sources: GHSA, OSV
CVE-2021-36020 | HIGH | affected: ≥ 0, < 2.3.7-p1; ≥ 2.4.2-p1, < 2.4.2-p2 | 2022-05-24
CVE-2021-36020 [HIGH] CWE-91 Magento XML Injection vulnerability in the 'City' field. Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability in the 'City' field. An unauthenticated attacker can trigger a specially crafted script to achieve remote code execution.
Sources: GHSA, OSV
CVE-2019-7890 | HIGH | affected: ≥ 2.1, < 2.1.18; ≥ 2.2, < 2.2.9; +1 more | 2022-05-24
CVE-2019-7890 [HIGH] CWE-639 Magento 2 Community Edition IDOR Vulnerability. An Insecure Direct Object Reference (IDOR) vulnerability exists in the order processing workflow of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can lead to unauthorized access to order details.
Sources: GHSA, OSV
CVE-2020-3719 | HIGH | affected: ≥ 2.3.0, < 2.3.4; ≥ 0, < 2.2.11 | 2022-05-24
CVE-2020-3719 [HIGH] CWE-89 Magento SQL injection vulnerability. Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have an SQL injection vulnerability. Successful exploitation could lead to sensitive information disclosure.
Sources: GHSA, OSV
CVE-2019-7895 | HIGH | affected: ≥ 2.1, < 2.1.18; ≥ 2.2, < 2.2.9; +1 more | 2022-05-24
CVE-2019-7895 [HIGH] Magento 2 Community Edition RCE Vulnerability. A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to layouts can execute arbitrary code through a crafted XML layout update.
Sources: GHSA, OSV
CVE-2021-36030 | HIGH | affected: ≥ 0, < 2.3.7-p1; ≥ 2.4.2-p1, < 2.4.2-p2 | 2022-05-24
CVE-2021-36030 [HIGH] CWE-20 Magento allows attackers to alter the price of items. Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability during the checkout process. An unauthenticated attacker can leverage this vulnerability to alter the price of items.
Sources: GHSA, OSV
CVE-2019-7913 | HIGH | affected: ≥ 2.1.0, < 2.1.18; ≥ 2.2.0, < 2.2.9; +1 more | 2022-05-24
CVE-2019-7913 [HIGH] CWE-918 Magento 2 Community Edition SSRF vulnerability. A server-side request forgery (SSRF) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with admin privileges to manipulate shipment methods to execute arbitrary code.
Sources: GHSA, OSV
CVE-2019-7923 | HIGH | affected: ≥ 2.1.0, < 2.1.18; ≥ 2.2.0, < 2.2.9; +1 more | 2022-05-24
CVE-2019-7923 [HIGH] CWE-918 Magento 2 Community Edition SSRF vulnerability. A server-side request forgery (SSRF) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with admin privileges to manipulate shipment settings to execute arbitrary code.
Sources: GHSA, OSV
CVE-2019-7886 | HIGH | affected: ≥ 2.1, < 2.1.18; ≥ 2.2, < 2.2.9; +1 more | 2022-05-24
CVE-2019-7886 [HIGH] CWE-330 Magento 2 Community Edition Cryptographic Flaw. A cryptographic flaw exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. A weak cryptographic mechanism is used to generate the initialization vector in multiple security-relevant contexts.
Sources: GHSA, OSV
CVE-2021-36022 | HIGH | affected: ≥ 0, < 2.3.7-p1; ≥ 2.4.2-p1, < 2.4.2-p2 | 2022-05-24
CVE-2021-36022 [HIGH] CWE-74 Magento XML Injection vulnerability in the Widgets Update Layout. Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability in the Widgets Update Layout. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution.
Sources: GHSA, OSV
CVE-2019-8154 | HIGH | affected: ≥ 2.2.0, < 2.2.10; ≥ 2.3.0, < 2.3.2-p2 | 2022-05-24
CVE-2019-8154 [HIGH] CWE-829 Magento remote code execution vulnerability. A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with privileges to modify product catalogs can trigger PHP file inclusion through a crafted XML file that specifies product design update. As per [the Magento Release 2.3.3](https://web.archive.org/web/20201126132230/https://devdocs.magento.c
Sources: GHSA, OSV
CVE-2019-8141 | HIGH | affected: ≥ 2.1.0, < 2.1.19; ≥ 2.2.0, < 2.2.10; +1 more | 2022-05-24
CVE-2019-8141 [HIGH] CWE-502 Magento 2 Community Edition RCE Vulnerability. A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. An authenticated user with administrative privileges (system level import) can execute arbitrary code through a Phar deserialization vulnerability in the import functionality.
Sources: GHSA, OSV
CVE-2020-9588 | HIGH | affected: ≥ 0, < 2.3.4-p2 | 2022-05-24
CVE-2020-9588 [HIGH] CWE-203 Magento Signature verification bypass. Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an observable timing discrepancy vulnerability. Successful exploitation could lead to signature verification bypass.
Sources: GHSA, OSV
CVE-2021-36043 | HIGH | affected: ≥ 0, < 2.3.7-p1; ≥ 2.4.2-p1, < 2.4.2-p2 | 2022-05-24
CVE-2021-36043 [HIGH] CWE-918 Magento affected by a blind SSRF vulnerability in the bundled dotmailer extension. Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a blind SSRF vulnerability in the bundled dotmailer extension. An attacker with admin privileges could abuse this to achieve remote code execution should Redis be enabled.
Sources: GHSA, OSV
CVE-2019-8109 | HIGH | affected: ≥ 2.2.0, < 2.2.10; ≥ 2.3.0, < 2.3.2-p1 | 2022-05-24
CVE-2019-8109 [HIGH] CWE-352 Magento 2 Community Edition RCE Vulnerability via CSRF. A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can craft a malicious CSRF payload that can result in arbitrary command execution.
Sources: GHSA, OSV
CVE-2019-7861 | HIGH | affected: ≥ 2.1.0, < 2.1.18; ≥ 2.2.0, < 2.2.9; +1 more | 2022-05-24
CVE-2019-7861 [HIGH] CWE-434 Magento 2 Community Edition Unsafe File Upload. Insufficient server-side validation of user input could allow an attacker to bypass file upload restrictions in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2.
Sources: GHSA, OSV
CVE-2020-24400 | HIGH | affected: ≥ 0, < 2.3.6; ≥ 2.4.0, < 2.4.1 | 2022-05-24
CVE-2020-24400 [HIGH] CWE-89 Magento SQL Injection vulnerability. Magento versions 2.4.0 and 2.3.5 (and earlier) are affected by an SQL Injection vulnerability that could lead to sensitive information disclosure. This vulnerability could be exploited by an authenticated user with permissions to the product listing page to read data from the database.
Sources: GHSA, OSV