Lucene search
AdobeCVELIST:CVE-2019-7139HistoryApr 10, 2019 - 5:07 p.m.
CVE-2019-7139
2019-04-1017:07:20
adobe
www.cve.org
6
An unauthenticated user can execute SQL statements that allow arbitrary read access to the underlying database, which causes sensitive data leakage. This issue is fixed in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2.
CNA Affected
[
{
"product": "Magento Open Source",
"vendor": "Magento",
"versions": [
{
"status": "affected",
"version": "prior to 1.9.4.1"
}
]
},
{
"product": "Magento Commerce",
"vendor": "Magento",
"versions": [
{
"status": "affected",
"version": "prior to 1.14.4.1"
}
]
},
{
"product": "Magento",
"vendor": "Magento",
"versions": [
{
"status": "affected",
"version": "prior to 2.1.17"
},
{
"status": "affected",
"version": "prior to 2.2.8"
},
{
"status": "affected",
"version": "prior to 2.3.1"
}
]
}
]Related
osv
osv
Magento 2 Community Edition SQLi Vulnerability
2022-05-24 22:00:38
CVE-2019-7139
2019-04-10 18:29:01
prion
prion
Code injection
2019-04-10 18:29:00
friendsofphp
friendsofphp
PRODSECBUG-2198: SQL Injection due to a flaw in MySQL adapter
2019-06-25 00:00:00
SUPEE-11086 - RCE, XSS, CSRF and other vulnerabilities
2019-03-26 00:00:00
SUPEE-11086 - RCE, XSS, CSRF and other vulnerabilities
2019-03-26 00:00:00
openvas
openvas
Magento SQL Injection Vulnerability (CVE-2019-7139)
2019-04-23 00:00:00
dsquare
dsquare
Magento 2 SQL Injection
2019-04-07 00:00:00
nvd
nvd
CVE-2019-7139
2019-04-10 18:29:01
nuclei
nuclei
Magento - SQL Injection
2024-03-16 17:23:48
github
github
Magento 2 Community Edition SQLi Vulnerability
2022-05-24 22:00:38
cve
cve
CVE-2019-7139
2019-04-10 18:29:01