Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • M
SQL Injection		magento/community-edition>=2.1.0, <2.1.18>=2.2.0, <2.2.9>=2.3.0, <2.3.2Composer12 Aug 2019
  • M
Improper Input Validation		magento/community-edition>=2.1.0, <2.1.18>=2.2.0, <2.2.9>=2.3.0, <2.3.2Composer12 Aug 2019
  • H
Privilege Escalation		magento/community-edition>=2.1.0, <2.1.18>=2.2.0, <2.2.9>=2.3.0, <2.3.2Composer12 Aug 2019
  • H
Arbitrary Code Execution		magento/community-edition>=2.1.0, <2.1.18>=2.2.0, <2.2.9>=2.3.0, <2.3.2Composer12 Aug 2019
  • M
Cross-site Scripting (XSS)		magento/community-edition>=2.1.0, <2.1.18>=2.2.0, <2.2.9>=2.3.0, <2.3.2Composer12 Aug 2019
  • M
Cross-site Scripting (XSS)		magento/community-edition>=2.1.0, <2.1.18>=2.2.0, <2.2.9>=2.3.0, <2.3.2Composer8 Aug 2019
  • M
Cross-site Scripting (XSS)		magento/community-edition>=2.1.0, <2.1.18>=2.2.0, <2.2.9>=2.3.0, <2.3.2Composer8 Aug 2019
  • M
Cross-site Scripting (XSS)		magento/community-edition>=2.1.0, <2.1.18>=2.2.0, <2.2.9>=2.3.0, <2.3.2Composer8 Aug 2019
  • L
Cross-site Request Forgery (CSRF)		magento/community-edition>=2.1.0, <2.1.18>=2.2.0, <2.2.9>=2.3.0, <2.3.2Composer8 Aug 2019
  • M
Cross-site Scripting (XSS)		magento/community-edition>=2.1.0, <2.1.18>=2.2.0, <2.2.9>=2.3.0, <2.3.2Composer8 Aug 2019
  • M
Cross-site Scripting (XSS)		magento/community-edition>=2.1.0, <2.1.18>=2.2.0, <2.2.9>=2.3.0, <2.3.2Composer8 Aug 2019
  • H
Remote Code Execution (RCE)		magento/community-edition>=2.1.0, <2.1.18>=2.2.2, <2.2.9>=2.3.0, <2.3.2Composer7 Aug 2019
  • M
Cross-site Scripting (XSS)		magento/community-edition>=2.1.0, <2.1.18>=2.2.2, <2.2.9>=2.3.0, <2.3.2Composer7 Aug 2019
  • M
Information Exposure		magento/community-edition>=2.1.0, <2.1.18>=2.2.2, <2.2.9>=2.3.0, <2.3.2Composer7 Aug 2019
  • M
Cross-site Scripting (XSS)		magento/community-edition>=2.1.0, <2.1.18>=2.2.2, <2.2.9>=2.3.0, <2.3.2Composer7 Aug 2019
  • M
Cross-site Request Forgery (CSRF)		magento/community-edition>=2.1.0, <2.1.18>=2.2.0, <2.2.9>=2.3.0, <2.3.2Composer7 Aug 2019
  • H
Improper Access Control		magento/community-edition>=2.1.0, <2.1.18>=2.2.0, <2.2.9>=2.3.0, <2.3.2Composer7 Aug 2019
  • M
Directory Traversal		magento/community-edition>=2.1.0, <2.1.18>=2.2.0, <2.2.9>=2.3.0, <2.3.2Composer7 Aug 2019
  • C
Cross-site Scripting (XSS)		magento/community-edition>=2.1.0, <2.1.18>=2.2.0, <2.2.9>=2.3.0, <2.3.2Composer7 Aug 2019
  • M
Resource Injection		magento/community-edition>=2.1.0, <2.1.18>=2.2.0, <2.2.9>=2.3.0, <2.3.2Composer7 Aug 2019
  • M
Information Exposure		magento/community-edition>=2.1.0, <2.1.18>=2.2.0, <2.2.9>=2.3.0, <2.3.2Composer7 Aug 2019
  • M
Cross-site Scripting (XSS)		magento/community-edition>=2.1.0, <2.1.18>=2.2.0, <2.2.9>=2.3.0, <2.3.2Composer7 Aug 2019
  • H
Unsafe File Upload		magento/community-edition>=2.1.0, <2.1.18>=2.2.0, <2.2.9>=2.3.0, <2.3.2Composer7 Aug 2019
  • M
Cross-site Scripting (XSS)		magento/community-edition>=2.1.0, <2.1.18>=2.2.0, <2.2.9>=2.3.0, <2.3.2Composer7 Aug 2019
  • H
Information Exposure		magento/community-edition>=2.1.0, <2.1.18>=2.2.0, <2.2.9>=2.3.0, <2.3.2Composer7 Aug 2019
  • M
Information Exposure		magento/community-edition>=2.1.0, <2.1.18>=2.2.0, <2.2.9>=2.3.0, <2.3.2Composer7 Aug 2019
  • H
Denial of Service (DoS)		magento/community-edition>=2.1.0, <2.1.18>=2.2.0, <2.2.9>=2.3.0, <2.3.2Composer7 Aug 2019
  • M
Cross-site Request Forgery (CSRF)		magento/community-edition>=2.1.0, <2.1.18>=2.2.0, <2.2.9>=2.3.0, <2.3.2Composer7 Aug 2019
  • H
Server-side Request Forgery (SSRF)		magento/community-edition>=2.1.0, <2.1.18>=2.2.0, <2.2.9>=2.3.0, <2.3.2Composer7 Aug 2019
  • M
Cross-site Scripting (XSS)		magento/community-edition>=2.1.0, <2.1.18>=2.2.2, <2.2.9>=2.3.0, <2.3.2Composer7 Aug 2019