Lucene search
GoogleOSV:GHSA-7PXG-6P87-8C9VHistoryMay 24, 2022 - 5:33 p.m.
Magento 2 Community Edition RCE via Unsafe File Upload
2022-05-2417:33:56
Google
osv.dev
35
magento
community edition
rce
unsafe file upload
arbitrary code execution
administrative permissions
EPSS
0.001
Percentile
36.3%
Magento versions 2.4.0 and 2.3.5p1 (and earlier) are affected by an unsafe file upload vulnerability that could result in arbitrary code execution. This vulnerability could be abused by authenticated users with administrative permissions to the System/Data and Transfer/Import components.
Related
cve
cve
CVE-2020-24407
2020-11-09 01:15:12
osv
osv
CVE-2020-24407
2020-11-09 01:15:12
BIT-magento-2020-24407
2024-03-06 11:07:21
cvelist
cvelist
CVE-2020-24407 Arbitrary code execution via file import functionality
2020-11-09 00:39:56
nvd
nvd
CVE-2020-24407
2020-11-09 01:15:12
zdt
zdt
Magento 2.4.0 / 2.3.5p1 (and earlier) Arbitrary Code Execution 0day Exploit
2021-03-24 00:00:00
prion
prion
Remote code execution
2020-11-09 01:15:00
github
github
Magento 2 Community Edition RCE via Unsafe File Upload
2022-05-24 17:33:56
threatpost
threatpost
Critical WordPress Plugin Bug Afflicts 700K Sites
2020-02-13 20:21:09
TikTok Riddled With Security Flaws
2020-01-08 14:30:42
Cisco Webex Bug Allows Remote Code Execution
2020-01-10 17:24:29
openvas
openvas
Magento < 2.3.6, 2.4.x < 2.4.1 Multiple Vulnerabilities (APSB20-59)
2020-10-23 00:00:00
adobe
adobe
APSB20-59 Security updates available for Magento
2020-10-15 00:00:00