Vulnerabilities > Openmage > Openmage > 1.2.1.2

DATE CVE VULNERABILITY TITLE RISK
2021-08-27 CVE-2021-32758 XML Injection (aka Blind XPath Injection) vulnerability in Openmage
OpenMage Magento LTS is an alternative to the Magento CE official releases.
network
low complexity
openmage CWE-91
critical
 9.0
9.0
2021-01-21 CVE-2020-26295 Path Traversal vulnerability in Openmage
OpenMage is a community-driven alternative to Magento CE.
network
low complexity
openmage CWE-22
6.5
6.5
2021-01-21 CVE-2020-26285 Unrestricted Upload of File with Dangerous Type vulnerability in Openmage
OpenMage is a community-driven alternative to Magento CE.
network
low complexity
openmage CWE-434
6.5
6.5
2021-01-20 CVE-2020-26252 Unrestricted Upload of File with Dangerous Type vulnerability in Openmage
OpenMage is a community-driven alternative to Magento CE.
network
low complexity
openmage CWE-434
6.5
6.5