Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:34 a.m.12 views

CVE-2019-7896

A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges to layouts can execute arbitrary code through a combination of product import, crafted csv file and XML layout...

7.2CVSS8AI score0.01921EPSS
Exploits0References1
Circl
Circl
added 2024/11/14 6:10 a.m.9 views

CVE-2019-7896

creationtimestamp| type| source ---|---|--- 2024-11-14 06:10:12+00:00| seen| MISP/950a8b9a-f5d1-4252-abf0-1552769dc85d...

7.2CVSS6.8AI score0.01921EPSS
Exploits0
CVE
CVE
added 2019/08/02 9:23 p.m.75 views

CVE-2019-7896

CVE-2019-7896 affects Magento versions prior to 2.1.18 (2.1.x), 2.2 prior to 2.2.9, and 2.3 prior to 2.3.2. The flaw allows an authenticated administrator with access to layouts to execute arbitrary code via a combination of product import, a crafted CSV file, and an XML layout update, resulting ...

7.2CVSS7.5AI score0.01921EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2019/07/04 12:0 a.m.174 views

Magento 2.1.x < 2.1.18, 2.2.x < 2.2.9, 2.3.x < 2.3.2 Multiple Vulnerabilities (Jun 2019)

Magento is prone to multiple vulnerabilities, including remote code execution RCE, cross-site scripting XSS and others. See the referenced advisories for further details on each specific vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a...

9.8CVSS7.3AI score0.1545EPSS
Exploits2References3
Rows per page
Query Builder