PC World

Unpatched vulnerability exposes Magento online shops to hacking

An unpatched vulnerability in the Magento e-commerce platform could allow hackers to upload and execute malicious code on web servers that host online shops. The flaw was discovered by researchers ...
Threat Post

Critical Magento Holes Open Online Shops to Code Execution

Adobe says the two critical flaws (CVE-2020-24407 and CVE-2020-24400) could allow arbitrary code execution as well as read or write access to the database. Two critical flaws in Magento – Adobe’s ...
CSOonline

Critical Magento SQL injection flaw could be targeted by hackers soon

The Magento content management system used by thousands of online shops has received fixes for several serious vulnerabilities, including an unauthenticated SQL injection flaw that’s likely to soon ...
Bleeping Computer

Magento Sites Hacked via Helpdesk Widget

Hackers are actively targeting Magento sites running a popular helpdesk extension, Dutch security researcher Willem de Groot has discovered. The avenue for these attacks is a Magento extension named ...