CVE-2016-4010 in Magento CE
Resumen (Inglés)
Magento CE and EE before 2.0.6 allows remote attackers to conduct PHP objection injection attacks and execute arbitrary PHP code via crafted serialized shopping cart data.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Reservar
2016-04-13
Divulgación
2017-01-23
Estado
Confirmado
Voces
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerabilidad | CWE | Exp | Con | CVE |
|---|---|---|---|---|---|
| 95829 | Magento CE/Magento EE escalada de privilegios | 74 | Alto | Arreglo oficial | CVE-2016-4010 |
Descripción
CPE
CWE
CVSS
Hazañas
Historia
Diferencia
Relacionar
Inteligencia de amenazas
API JSON
API XML
API CSV