CVE-2016-4010 in Magento CEinfo

Summary

Magento CE and EE before 2.0.6 allows remote attackers to conduct PHP objection injection attacks and execute arbitrary PHP code via crafted serialized shopping cart data.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

04/13/2016

Disclosure

01/23/2017

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
95829	Magento CE/Magento EE injection	74	High	Official fix	CVE-2016-4010

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Interested in the pricing of exploits?

See the underground prices here!