RSS   Vulnerabilities for 'Magento'   RSS

2020-02-13
 
CVE-2012-6091

CWE-200
 

 
Zend_XmlRpc Class in Magento before 1.7.0.2 contains an information disclosure vulnerability.

 
2012-11-06
 
CVE-2011-5240

CWE-20
 

 
Magento 1.5 and 1.6.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

 

 >>> Vendor: Magentocommerce 2 Products
Magento
Magmi


Copyright 2024, cxsecurity.com

 

Back to Top