Lucene search
AdobeCVELIST:CVE-2019-7871HistoryAug 02, 2019 - 9:17 p.m.
CVE-2019-7871
2019-08-0221:17:01
adobe
www.cve.org
A security bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 that could be abused to execute arbitrary PHP code. An authenticated user can bypass security protections that prevent arbitrary PHP script upload via form data injection.
CNA Affected
[
{
"product": "Magento 2",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2"
}
]
}
]Related
osv
osv
Magento 2 Community Edition Unsafe File Upload
2022-05-24 16:52:24
CVE-2019-7871
2019-08-02 22:15:15
nvd
nvd
CVE-2019-7871
2019-08-02 22:15:15
github
github
Magento 2 Community Edition Unsafe File Upload
2022-05-24 16:52:24
friendsofphp
friendsofphp
PRODSECBUG-2202: Security bypass via form data injection
2019-06-25 00:00:00
cve
cve
CVE-2019-7871
2019-08-02 22:15:15
prion
prion
Security feature bypass
2019-08-02 22:15:00
openvas
openvas