Vulnerabilities > Openmage

DATE CVE VULNERABILITY TITLE RISK
2024-07-29 CVE-2024-41676 Cross-site Scripting vulnerability in Openmage Magento
Magento-lts is a long-term support alternative to Magento Community Edition (CE).
network
low complexity
openmage CWE-79
4.8
2023-09-11 CVE-2023-41879 Use of Insufficiently Random Values vulnerability in Openmage Magento
Magento LTS is the official OpenMage LTS codebase.
network
low complexity
openmage CWE-330
7.5
2023-01-28 CVE-2023-23617 Infinite Loop vulnerability in Openmage Magento
OpenMage LTS is an e-commerce platform.
network
low complexity
openmage CWE-835
7.5
2023-01-27 CVE-2021-41143 Path Traversal vulnerability in Openmage Magento
OpenMage LTS is an e-commerce platform.
network
low complexity
openmage CWE-22
7.2
2023-01-27 CVE-2021-41144 Command Injection vulnerability in Openmage Magento
OpenMage LTS is an e-commerce platform.
network
low complexity
openmage CWE-77
8.8
2023-01-27 CVE-2021-41231 Unrestricted Upload of File with Dangerous Type vulnerability in Openmage Magento
OpenMage LTS is an e-commerce platform.
network
low complexity
openmage CWE-434
7.2
2023-01-27 CVE-2021-39217 Command Injection vulnerability in Openmage Magento
OpenMage LTS is an e-commerce platform.
network
low complexity
openmage CWE-77
7.2
2023-01-27 CVE-2021-21395 Cross-Site Request Forgery (CSRF) vulnerability in Openmage Magento
Magneto LTS (Long Term Support) is a community developed alternative to the Magento CE official releases.
network
low complexity
openmage CWE-352
4.3
2021-08-27 CVE-2021-32759 Improper Input Validation vulnerability in Openmage Magento
OpenMage magento-lts is an alternative to the Magento CE official releases.
network
low complexity
openmage CWE-20
7.2
2021-08-27 CVE-2021-32758 XML Injection (aka Blind XPath Injection) vulnerability in Openmage
OpenMage Magento LTS is an alternative to the Magento CE official releases.
network
low complexity
openmage CWE-91
7.2