Lucene search
+L

4 matches found

NVD
NVD
added 2023/10/13 7:15 a.m.32 views

CVE-2023-38221

Adobe Commerce versions 2.4.7-beta1 and earlier, 2.4.6-p2 and earlier, 2.4.5-p4 and earlier and 2.4.4-p5 and earlier are affected by an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability that could lead in arbitrary code execution by an admin-privileg...

8CVSS8.2AI score0.00829EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/10/13 6:15 a.m.49 views

CVE-2023-38221 Adobe Commerce | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CWE-89)

Adobe Commerce versions 2.4.7-beta1 and earlier, 2.4.6-p2 and earlier, 2.4.5-p4 and earlier and 2.4.4-p5 and earlier are affected by an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability that could lead in arbitrary code execution by an admin-privileg...

8CVSS8.3AI score0.00829EPSS
Exploits0References1
CVE
CVE
added 2023/10/13 6:15 a.m.104 views

CVE-2023-38221

CVE-2023-38221 concerns Adobe Commerce/Magento with an SQL Injection in versions up to 2.4.7-beta1 and earlier. The root cause is improper neutralization of special elements in an SQL command. The impact is potential arbitrary code execution by an attacker with admin privileges (no user interacti...

8CVSS7.6AI score0.00829EPSS
Exploits0References1Affected Software2
OSV
OSV
added 2023/10/13 6:15 a.m.38 views

CVE-2023-38221 Adobe Commerce | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CWE-89)

Adobe Commerce versions 2.4.7-beta1 and earlier, 2.4.6-p2 and earlier, 2.4.5-p4 and earlier and 2.4.4-p5 and earlier are affected by an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability that could lead in arbitrary code execution by an admin-privileg...

8CVSS7.5AI score0.00829EPSS
Exploits0References3
Rows per page
Query Builder