openmage/magento-lts
A fork of Magento-1 that is accepting bug fixes (backward compatible, drop in replacement for official Magento)
Security Advisories for openmage/magento-lts in packagist
Low
8 months ago
Magento LTS vulnerable to stored XSS in theme config fields
packagist
openmage/magento-lts
Moderate
about 1 year ago
Magento LTS vulnerable to stored Cross-site Scripting (XSS) in admin system configs
packagist
openmage/magento-lts
Moderate
over 1 year ago
Magento LTS vulnerable to stored XSS in admin file form
packagist
openmage/magento-lts
High
almost 2 years ago
Magento LTS vulnerable to Stored XSS via TinyMCE WYSIWYG Editor
packagist
openmage/magento-lts
High
about 2 years ago
Magento LTS's guest order "protect code" can be brute-forced too easily
packagist
openmage/magento-lts
High
over 2 years ago
DataFlow upload remote code execution vulnerability
packagist
openmage/magento-lts
High
over 2 years ago
Fix for authenticated remote code execution through layout update
packagist
openmage/magento-lts
High
over 2 years ago
Fix for arbitrary file deletion in customer media allows for remote code execution
packagist
openmage/magento-lts
High
over 2 years ago
Fix for arbitrary command execution in custom layout update through blocks
packagist
openmage/magento-lts
Moderate
over 2 years ago
magento-lts Reset Password not protected against well-timed CSRF
packagist
openmage/magento-lts
Critical
over 4 years ago
Backport for CVE-2021-21024 Blind SQLi from Magento 2
packagist
openmage/magento-lts
Critical
over 4 years ago
Fixes a bug in Zend Framework's Stream HTTP Wrapper
packagist
openmage/magento-lts
High
almost 5 years ago
RCE via PHP Object injection via SOAP Requests
packagist
openmage/magento-lts