Tag
critical
advisory
Mirasvit Full Page Cache Warmer for Magento 2 PHP Object Injection RCE (CVE-2026-45247)
2 rules 2 TTPs 1 CVEMirasvit Full Page Cache Warmer for Magento 2 before version 1.11.12 contains a PHP object injection vulnerability (CVE-2026-45247) that allows unauthenticated attackers to achieve remote code execution by supplying a crafted serialized PHP object in the CacheWarmer cookie.
Full Page Cache Warmer for Magento 2 +1
php-object-injection
rce
magento
web-application
cve-2026-45247
2r
2t
1c
critical
advisory
Adobe Commerce XXE Vulnerability (CVE-2024-34102) Exploit Released
2 rules 1 TTP 1 CVE 1 IOCA public exploit, named CosmicSting, has been released for CVE-2024-34102, an XML External Entity (XXE) Injection vulnerability in Adobe Commerce allowing for unauthenticated remote file read, SSRF, and potential RCE.
Commerce
cve-2024-34102
xxe
adobe commerce
magento
2r
1t
1c
1i