Количество 2
Количество 2
CVE-2019-8154
больше 6 лет назад
A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with privileges to modify product catalogs can trigger PHP file inclusion through a crafted XML file that specifies product design update.
CVSS3: 8.8
EPSS: Низкий
GHSA-4v2q-hjx3-c4vr
больше 3 лет назад
Magento remote code execution vulnerability
CVSS3: 8.8
EPSS: Низкий
Уязвимостей на страницу
20
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-8154 A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with privileges to modify product catalogs can trigger PHP file inclusion through a crafted XML file that specifies product design update. | CVSS3: 8.8 | 1% Низкий | больше 6 лет назад |
| GHSA-4v2q-hjx3-c4vr Magento remote code execution vulnerability | CVSS3: 8.8 | 1% Низкий | больше 3 лет назад |
Уязвимостей на страницу
20