Ecosyste.ms: OpenCollective

An open API service for software projects hosted on Open Collective.

OpenMage

Maintaining the OpenSource eCommerce framework OpenMage
Collective - Host: opensource - https://opencollective.com/openmage - Website: https://www.openmage.org/ - Code: https://github.com/OpenMage

Moderate
magento-lts: GSA_kwCzR0hTQS01dnJwLTYzOHctcDhtMs4AA-MY
Magento LTS vulnerable to stored Cross-site Scripting (XSS) in admin system configs
Ecosystems: packagist
Packages: openmage/magento-lts
Source: github
Published: 5 months ago
Moderate
magento-lts: GSA_kwCzR0hTQS1ncDZtLWZxNmgtY2pjeM4AA5jQ
Magento LTS vulnerable to stored XSS in admin file form
Ecosystems: packagist
Packages: openmage/magento-lts
Source: github
Published: 10 months ago
High
magento-lts: GSA_kwCzR0hTQS05ajV3LTJjcWMtY3dqOc4AA3oh
Magento LTS vulnerable to Stored XSS via TinyMCE WYSIWYG Editor
Ecosystems: packagist
Packages: openmage/magento-lts
Source: github
Published: about 1 year ago
High
magento-lts: GSA_kwCzR0hTQS05MzU4LWNwdngtYzJxcM4AA1zS
Magento LTS's guest order "protect code" can be brute-forced too easily
Ecosystems: packagist
Packages: openmage/magento-lts
Source: github
Published: over 1 year ago
High
magento-lts: GSA_kwCzR0hTQS1oNjMyLXA3NjQtcGpxbc4AAxOZ
DataFlow upload remote code execution vulnerability
Ecosystems: packagist
Packages: openmage/magento-lts
Source: github
Published: almost 2 years ago
High
magento-lts: GSA_kwCzR0hTQS01ajJnLTNwaDQtcmd2bc4AAxOY
Fix for authenticated remote code execution through layout update
Ecosystems: packagist
Packages: openmage/magento-lts
Source: github
Published: almost 2 years ago
Moderate
magento-lts: GSA_kwCzR0hTQS0zcDczLW1tN3YtNGY2bc4AAxOW
DoS vulnerability in MaliciousCode filter
Ecosystems: packagist
Packages: openmage/magento-lts
Source: github
Published: almost 2 years ago
High
magento-lts: GSA_kwCzR0hTQS01dnB2LXhtY2otOXE4Nc4AAxOV
Fix for arbitrary file deletion in customer media allows for remote code execution
Ecosystems: packagist
Packages: openmage/magento-lts
Source: github
Published: almost 2 years ago
High
magento-lts: GSA_kwCzR0hTQS1jOXEzLXI0cnYtbWptN84AAxOU
Fix for arbitrary command execution in custom layout update through blocks
Ecosystems: packagist
Packages: openmage/magento-lts
Source: github
Published: almost 2 years ago
Moderate
magento-lts: GSA_kwCzR0hTQS1yM2M5LTlqNXEtcHd2NM4AAxJH
magento-lts Reset Password not protected against well-timed CSRF
Ecosystems: packagist
Packages: openmage/magento-lts
Source: github
Published: almost 2 years ago
High
magento-lts: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI2cnItdjJqMi0yNWZo
Layout XML Arbitrary Code Fix
Ecosystems: packagist
Packages: openmage/magento-lts
Source: github
Published: over 3 years ago
High
magento-lts: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhtOWYtdnhteC00bTU4
Data Flow Sanitation Issue Fix
Ecosystems: packagist
Packages: openmage/magento-lts
Source: github
Published: over 3 years ago
Critical
magento-lts: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ2cmYtOTQyOC01Mjdt
Backport for CVE-2021-21024 Blind SQLi from Magento 2
Ecosystems: packagist
Packages: openmage/magento-lts
Source: github
Published: over 3 years ago
Critical
magento-lts: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW00OTYteDU2Ny1mOThj
Fixes a bug in Zend Framework's Stream HTTP Wrapper
Ecosystems: packagist
Packages: openmage/magento-lts
Source: github
Published: over 3 years ago
High
magento-lts: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpyZ2YtdmZ3Mi1oajI2
RCE via PHP Object injection via SOAP Requests
Ecosystems: packagist
Packages: openmage/magento-lts
Source: github
Published: about 4 years ago
High
magento-lts: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNyZjIteG02eC00NnA2
Observable Timing Discrepancy in OpenMage LTS
Ecosystems: packagist
Packages: openmage/magento-lts
Source: github
Published: over 4 years ago