Description
SQL injection vulnerability in the getCsvFile function in the Mage_Adminhtml_Block_Widget_Grid class in Magento Community Edition (CE) 1.9.1.0 and Enterprise Edition (EE) 1.14.1.0 allows remote administrators to execute arbitrary SQL commands via the popularity[field_expr] parameter when the popularity[from] or popularity[to] parameter is set.