CVE-2015-6497 | Magento Community Edition/Enterprise Edition on PHP5 V2.php create productData input validation (KIS-2015-04)

Inserito da Angelo Barbosa | Mag 5, 2025 | CVE

A vulnerability classified as critical has been found in Magento Community Edition and Enterprise Edition on PHP5. This affects the function create of the file app/code/core/Mage/Catalog/Model/Product/Api/V2.php. The manipulation of the argument productData leads to improper input validation.

This vulnerability is uniquely identified as CVE-2015-6497. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

It is recommended to upgrade the affected component.

CVE-2015-6497 | Magento Community Edition/Enterprise Edition on PHP5 V2.php create productData input validation (KIS-2015-04)

Post correlati

CVE-2024-13309 | Drupal Login Disable up to 2.1.0 improper authentication

CVE-2024-41206 | tsMuxer nightly-2024-03-14-01-51-12 TS Video File stack-based overflow (Issue 859)

CVE-2023-52220 | MonsterInsights Google Analytics Plugin up to 8.21.0 on WordPress authorization

CVE-2024-53899 | virtualenv up to 20.26.5 Activation Script command injection (Issue 2768)