Listing of Magento Exploits

This is live excerpt from our database. Visit Main Site for more exploits.

Date Name Status Solution
2016-05-19Magento Unauthenticated Arbitrary File WritePublishedFix it
2016-05-19Magento < 2.0.6 - Unauthenticated Remote Code ExecutionPublishedFix it
2016-05-18Magento Unauthenticated Remote Code ExecutionPublishedFix it
2016-03-06Magento XSSPublishedFix it
2016-01-29EBay Magento Persistent Mail EncodingPublishedFix it
2016-01-21Magento 1.9.x Multiple Man-In The MiddlePublishedFix it
2015-12-07 Magento E-Commerce Platform XSS in SWFPublishedFix it
2015-11-18Ebay Magento Commerce Cross Site ScriptingPublishedFix it
2015-11-18Ebay Magento Cross Site Request ForgeryPublishedFix it
2015-11-01EBay Magento XXE InjectionPublishedFix it
2015-09-15Magento Cross Site ScriptingPublishedFix it
2015-09-15Magento <= 1.9.2 (catalogProductCreate) Autoloaded File Inclusion VulnerabilityPublishedFix it
2015-09-14Magento &lt;= 1.9.2 (catalogProductCreate) Autoloaded File Inclusion VulnerabilityPublishedFix it
2015-09-14Magento Bug Bounty #19 - Persistent Filename VulnerabilityPublishedFix it
2015-08-26Magento Add Administrator AccountPublishedFix it
2015-08-20Magento CE Remote Command ExecutionPublishedFix it
2015-07-05Ebay Inc Magento Bug Bounty CSRF Web VulnerabilityPublishedFix it
2015-06-20Ebay Magento Cross Site Request Forgery Web VulnerabilityPublishedFix it
2015-06-19Ebay Magento Persistent Filename VulnerabilityPublishedFix it
2015-06-19Ebay Magento Client Side Cross Site Scripting Web VulnerabilityPublishedFix it
2015-04-23Magento Unauthenticated RCEPublishedFix it
2015-04-22Ebay Magento CMS / API Cross Site ScriptingPublishedFix it
2015-04-11Magento eCommerce Vulnerable Adobe Flex SDKPublishedFix it
2015-02-18Ebay Inc Magento Bug Bounty Persistent Validation & Mail Encoding Web VulnerabilityPublishedFix it
2015-02-05Magento Server MAGMI Plugin Local File Inclusion And Cross Site ScriptingPublishedFix it
2014-11-06Magento E-Commerce Cross Site ScriptingPublishedFix it
2014-10-25Magento Server MAGMI Plugin - Remote File Inclusion (RFI)PublishedFix it
2014-08-05Ebay Inc Magento ProStore CP Filter BypassPublishedFix it
2012-11-16AionWeb, Magento, Liferay Portal, SurgeMail, symfony XSS vulnerabilityPublishedFix it
2012-10-18Unirgy uStoreLocator Magento Extension SQL InjectionPublishedFix it
2012-07-13Magento eCommerce Local File DisclosurePublishedFix it
2010-01-06Magento Multiple Fields Processing Cross Site Scripting VulnerabilitiesPublishedFix it
2009-02-26Magento CSRFPublishedFix it
2009-02-24Magento Multiple Cross Site Scripting Vulnerabilities Magento CSRFPublishedFix it

Copyright © 2016 MagentoExploit v1 BETA.
Member of public Joomla Exploit, WordPress Exploit, phpBB Exploit, Drupal Exploit, TYPO3 Exploit, Magento Exploit, Virtuemart Exploit, osCommerce Exploit, Windows Exploits, Mac Exploit Intelligent Exploit Aggregation Network.
This information is provided for TESTING and LEGAL RESEARCH purposes only. Vulnerability information source(s):,,, and others. Use at your own risk.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.