Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS1qNGZxLTNmbTctd2g1ds4AAjQs
Magento arbitrary PHP code execution via the productData parameter
The create function in app/code/core/Mage/Catalog/Model/Product/Api/V2.php in Magento Community Edition (CE) before 1.9.2.1 and Enterprise Edition (EE) before 1.14.2.1, when used with PHP before 5.4.24 or 5.5.8, allows remote authenticated users to execute arbitrary PHP code via the productData parameter to index.php/api/v2_soap.
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1qNGZxLTNmbTctd2g1ds4AAjQs
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: over 2 years ago
Updated: 8 months ago
CVSS Score: 8.8
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Identifiers: GHSA-j4fq-3fm7-wh5v, CVE-2015-6497
References:
- https://nvd.nist.gov/vuln/detail/CVE-2015-6497
- http://blog.mindedsecurity.com/2015/09/autoloaded-file-inclusion-in-magento.html
- http://karmainsecurity.com/KIS-2015-04
- http://magento.com/security/patches/supee-6482
- http://packetstormsecurity.com/files/133544/Magento-1.9.2-File-Inclusion.html
- http://seclists.org/fulldisclosure/2015/Sep/48
- https://github.com/advisories/GHSA-j4fq-3fm7-wh5v
Affected Packages
packagist:magento/core
Affected Version Ranges: < 1.9.2.1
Fixed in: 1.9.2.1
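The advisory is conditional on two versions at once: magento/core must fall in the affected range (< 1.9.2.1) and the PHP runtime must be before 5.4.24, or a 5.5.x release before 5.5.8. The helper below, added here as a triage example and not code from the advisory, Magento or ecosyste.ms, evaluates both conditions against an installed version pair. The ADVISORY dictionary is constructed from the fields shown on this page rather than fetched from the JSON endpoint, and the range-clause grammar (comma-separated comparisons) is an assumption about how such ranges are written.

```python
"""Triage helper for GHSA-j4fq-3fm7-wh5v / CVE-2015-6497 (added example).

Checks an installed magento/core version against the advisory's affected
range and the PHP-version precondition stated in the description.
Not Magento's or ecosyste.ms's own code; sample data is constructed.
"""
import re
from typing import Tuple

Version = Tuple[int, ...]

# Constructed from the fields shown on the advisory page (not fetched).
ADVISORY = {
    "identifiers": ["GHSA-j4fq-3fm7-wh5v", "CVE-2015-6497"],
    "package": "packagist:magento/core",
    "affected_range": "< 1.9.2.1",
    "fixed_in": "1.9.2.1",
}


def parse_version(text: str) -> Version:
    """'1.9.2.1' -> (1, 9, 2, 1). Rejects anything that is not dotted digits."""
    text = text.strip()
    if not re.fullmatch(r"\d+(\.\d+)*", text):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    return tuple(int(p) for p in text.split("."))


def cmp_version(a: Version, b: Version) -> int:
    """Three-way compare with trailing zeros implied, so 1.9 == 1.9.0.0."""
    n = max(len(a), len(b))
    a, b = a + (0,) * (n - len(a)), b + (0,) * (n - len(b))
    return (a > b) - (a < b)


_OPS = {
    "<": lambda c: c < 0,
    "<=": lambda c: c <= 0,
    ">": lambda c: c > 0,
    ">=": lambda c: c >= 0,
    "=": lambda c: c == 0,
}


def in_range(version: str, range_expr: str) -> bool:
    """Evaluate a range such as '< 1.9.2.1' or '>= 1.9, < 1.9.2.1'.

    Assumed grammar: comma-separated clauses, every clause must hold.
    """
    v = parse_version(version)
    for clause in range_expr.split(","):
        m = re.fullmatch(r"\s*(<=|>=|<|>|=)\s*([\d.]+)\s*", clause)
        if not m:
            raise ValueError(f"unparseable range clause: {clause!r}")
        op, bound = m.group(1), parse_version(m.group(2))
        if not _OPS[op](cmp_version(v, bound)):
            return False
    return True


def php_precondition_met(php_version: str) -> bool:
    """PHP 'before 5.4.24 or 5.5.8' as the description phrases it.

    Any release below 5.4.24 (so 5.3.x counts) or a 5.5.x release below
    5.5.8. Later branches are not named by the advisory and return False.
    """
    p = parse_version(php_version)
    if cmp_version(p, (5, 4, 24)) < 0:
        return True
    return cmp_version(p, (5, 5, 0)) >= 0 and cmp_version(p, (5, 5, 8)) < 0


def is_vulnerable(magento_version: str, php_version: str) -> bool:
    """Both conditions from the advisory text must hold at the same time."""
    return in_range(magento_version, ADVISORY["affected_range"]) and \
        php_precondition_met(php_version)


if __name__ == "__main__":
    for mage, php in [("1.9.2.0", "5.4.23"), ("1.9.2.0", "5.5.8"),
                      ("1.9.2.1", "5.3.29"), ("1.9.1.1", "5.3.29")]:
        print(f"magento/core {mage} on PHP {php}: "
              f"{'VULNERABLE' if is_vulnerable(mage, php) else 'not affected'}")
```

Note that the packagist entry above carries only the CE range; the EE boundary (1.14.2.1) from the description is not represented in the package data, so an EE install should be checked against the description directly rather than against ADVISORY["affected_range"].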