Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:33 a.m.6 views

CVE-2019-7889

An injection vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with marketing manipulation privileges can invoke methods that alter data o...

6.5CVSS6.8AI score0.00805EPSS
Exploits0References1
OSV
OSV
added 2022/05/24 4:52 p.m.43 views

GHSA-HXMP-JCQJ-83HM Magento 2 Community Edition Injection Vulnerability

An injection vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with marketing manipulation privileges can invoke methods that alter data o...

6.5CVSS6.6AI score0.00805EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2022/05/24 4:52 p.m.21 views

Magento 2 Community Edition Injection Vulnerability

An injection vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with marketing manipulation privileges can invoke methods that alter data o...

6.5CVSS7.3AI score0.00805EPSS
Exploits0References6Affected Software1
Veracode
Veracode
added 2019/08/13 6:27 a.m.20 views

SQL Injection

magento/community-edition is vulnerable to SQL injection. The vulnerability exists as a user with marketing manipulation privileges can invoke methods that alter data of the underlying model followed by corresponding database modifications...

6.5CVSS3.8AI score0.00805EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2019/08/02 10:15 p.m.22 views

CVE-2019-7889

An injection vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with marketing manipulation privileges can invoke methods that alter data o...

6.5CVSS6.9AI score
Exploits0References1
Rows per page
Query Builder