Lucene search
K

4 matches found

OSV
OSV
added 2021/04/22 4:11 p.m.37 views

GHSA-FVRF-9428-527M Backport for CVE-2021-21024 Blind SQLi from Magento 2

Impact This vulnerability allows an administrator unauthorized access to restricted resources. We fixed a vulnerability in the MySQL adapter to prevent SQL injection attacks. This is a backport of CVE-2021-21024 https://helpx.adobe.com/security/products/magento/apsb21-08.html. Patches Has the...

9.1CVSS8.1AI score0.01075EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2021/04/22 4:11 p.m.101 views

Backport for CVE-2021-21024 Blind SQLi from Magento 2

Impact This vulnerability allows an administrator unauthorized access to restricted resources. We fixed a vulnerability in the MySQL adapter to prevent SQL injection attacks. This is a backport of CVE-2021-21024 https://helpx.adobe.com/security/products/magento/apsb21-08.html. Patches Has the...

9.1CVSS3.6AI score0.02772EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2021/02/11 7:29 p.m.17 views

CVE-2021-21024 Magento Commerce Blind SQL Injection Could Lead To Unauthorized Access

Magento versions 2.4.1 and earlier, 2.4.0-p1 and earlier and 2.3.6 and earlier are affected by a blind SQL injection vulnerability in the Search module. Successful exploitation could lead to unauthorized access to restricted resources by an unauthenticated attacker. Access to the admin console is...

9.1CVSS9.5AI score0.02772EPSS
Exploits0References1
CVE
CVE
added 2021/02/11 7:29 p.m.140 views

CVE-2021-21024

The CVE-2021-21024 entry details a blind SQL injection in Magento’s Search module affecting Magento Community editions up to 2.4.1 (and earlier) and 2.4.0-p1, 2.3.6 (and earlier). The underlying issue enables an unauthenticated attacker, with admin console access, to potentially view restricted r...

9.1CVSS8.2AI score0.02772EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder