Magento 1.9.4.4 Community Edition

CPE Details

Magento 1.9.4.4 Community Edition
magento
magento
1.9.4.4
2020-09-24
12h06 +00:00
2020-09-24
12h06 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:magento:magento:1.9.4.4:*:*:*:community:*:*:*

Informations

Vendor

magento

Product

magento

Version

1.9.4.4

Software Edition

community

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-9577 2020-06-26 18h21 +00:00 Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure .
6.1
Medium
CVE-2020-9576 2020-06-26 18h21 +00:00 Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.
9.8
Critical
CVE-2020-9588 2020-06-26 18h20 +00:00 Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an observable timing discrepancy vulnerability. Successful exploitation could lead to signature verification bypass.
7.2
High
CVE-2020-9578 2020-06-26 18h20 +00:00 Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.
9.8
Critical
CVE-2020-9631 2020-06-26 18h20 +00:00 Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability. Successful exploitation could lead to arbitrary code execution.
9.8
Critical
CVE-2020-9630 2020-06-26 18h20 +00:00 Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a business logic error vulnerability. Successful exploitation could lead to privilege escalation.
9.8
Critical
CVE-2020-9591 2020-06-26 18h20 +00:00 Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a defense-in-depth security mitigation vulnerability. Successful exploitation could lead to unauthorized access to admin panel.
7.5
High
CVE-2020-9632 2020-06-26 18h20 +00:00 Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability. Successful exploitation could lead to arbitrary code execution.
9.8
Critical
CVE-2020-9580 2020-06-26 18h19 +00:00 Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability. Successful exploitation could lead to arbitrary code execution.
9.8
Critical
CVE-2020-9581 2020-06-26 18h19 +00:00 Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
6.1
Medium
CVE-2020-9582 2020-06-26 18h19 +00:00 Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.
9.8
Critical
CVE-2020-9583 2020-06-26 18h19 +00:00 Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.
9.8
Critical
CVE-2020-9587 2020-06-26 18h19 +00:00 Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an authorization bypass vulnerability. Successful exploitation could lead to potentially unauthorized product discounts.
7.5
High
CVE-2020-9584 2020-06-26 18h18 +00:00 Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
5.4
Medium
CVE-2020-9579 2020-06-26 18h18 +00:00 Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability. Successful exploitation could lead to arbitrary code execution.
9.8
Critical
CVE-2020-9585 2020-06-26 18h18 +00:00 Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a defense-in-depth security mitigation vulnerability. Successful exploitation could lead to arbitrary code execution.
9.8
Critical
CVE-2018-5301 2018-01-08 22h00 +00:00 Magento Community Edition and Enterprise Edition before 2.0.10 and 2.1.x before 2.1.2 have CSRF resulting in deletion of a customer address from an address book, aka APPSEC-1433.
6.5
Medium
CVE-2016-4010 2017-01-23 20h00 +00:00 Magento CE and EE before 2.0.6 allows remote attackers to conduct PHP objection injection attacks and execute arbitrary PHP code via crafted serialized shopping cart data.
9.8
Critical