A SQL injection vulnerability in Magento 2.2 & 2.3 allows arbitrary SQL queries execution by users with store manipulation privileges
Reporter | Title | Published | Views | Family All 8 |
---|---|---|---|---|
OSV | CVE-2019-8130 | 6 Nov 201900:15 | – | osv |
Veracode | SQL Injection | 20 Jun 202408:38 | – | veracode |
Friends Of PHP | PRODSECBUG-2424: SQL injection when accessing group data in email templates | 8 Oct 201900:00 | – | friendsofphp |
Github Security Blog | Magento SQL injection vulnerability | 24 May 202217:00 | – | github |
Cvelist | CVE-2019-8130 | 5 Nov 201923:06 | – | cvelist |
NVD | CVE-2019-8130 | 6 Nov 201900:15 | – | nvd |
Prion | Sql injection | 6 Nov 201900:15 | – | prion |
OpenVAS | Magento 2.2.x < 2.2.10, 2.3.x < 2.3.3 or 2.3.2-p1 Multiple Vulnerabilities (Oct 2019) | 7 Nov 201900:00 | – | openvas |
[
{
"product": "Magento 2",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "Magento 2.2 prior to 2.2.10"
},
{
"status": "affected",
"version": "Magento 2.3 prior to 2.3.3 or 2.3.2-p1"
}
]
}
]
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo