| Titel | magento 1.9.2.1 Improper Input Validation |
|---|
| Beschreibung | The create function in app/code/core/Mage/Catalog/Model/Product/Api/V2.php in Magento Community Edition (CE) before x.x.x.x and Enterprise Edition (EE) before x.x.x.x, when used with PHP before 5.4.24 or 5.5.8, allows remote authenticated users to execute arbitrary PHP code via the productData parameter to index.php/api/v2_soap.
See more on : https://nvd.nist.gov/vuln/detail/CVE-2015-6497 |
|---|
| Quelle | ⚠️ https://experienceleague.adobe.com/en/docs/commerce-operations/release/notes/adobe-commerce/overview |
|---|
| Benutzer | Anonymous User |
|---|
| Einreichung | 05.05.2025 17:03 (vor 11 Monaten) |
|---|
| Moderieren | 05.05.2025 17:08 (4 minutes later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 307431 [Magento Community Edition/Enterprise Edition auf PHP5 V2.php create productData erweiterte Rechte] |
|---|
| Punkte | 20 |
|---|