Lucene search
+L

5 matches found

Github Security Blog
Github Security Blog
added 2022/05/24 5:0 p.m.14 views

Magento Unrestricted file upload vulnerability

An unrestricted file upload vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated admin user can manipulate the Synchronization feature in the Media File Storage of the database to transform uploaded JPEG file into a PHP file...

4.9CVSS6.9AI score0.00763EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2019/11/08 12:0 a.m.4 views

Magento File Upload Vulnerability

Magento is an open source PHP e-commerce system from the U.S. company Magento. A file upload vulnerability exists in Magento. An attacker can use this vulnerability to manipulate the synchronization function in the database's Media File Storage to convert uploaded JPEG files to PHP files...

4.9CVSS7.1AI score0.00763EPSS
Exploits0References1
NVD
NVD
added 2019/11/06 12:15 a.m.23 views

CVE-2019-8140

An unrestricted file upload vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated admin user can manipulate the Synchronization feature in the Media File Storage of the database to transform uploaded JPEG file into a PHP file...

4.9CVSS5AI score0.00763EPSS
Exploits0References1
OSV
OSV
added 2019/11/06 12:15 a.m.19 views

CVE-2019-8140

An unrestricted file upload vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated admin user can manipulate the Synchronization feature in the Media File Storage of the database to transform uploaded JPEG file into a PHP file...

4.9CVSS6.6AI score
Exploits0References1
Prion
Prion
added 2019/11/06 12:15 a.m.18 views

Unrestricted file upload

An unrestricted file upload vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated admin user can manipulate the Synchronization feature in the Media File Storage of the database to transform uploaded JPEG file into a PHP file...

4CVSS5AI score0.00763EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder