Description

SQL injection vulnerability in the getCsvFile function in the Mage_Adminhtml_Block_Widget_Grid class in Magento Community Edition (CE) 1.9.1.0 and Enterprise Edition (EE) 1.14.1.0 allows remote administrators to execute arbitrary SQL commands via the popularity[field_expr] parameter when the popularity[from] or popularity[to] parameter is set.

Remediation

References

CVE-2015-1397

Related Vulnerabilities

ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5665)

WordPress Plugin YITH WooCommerce Product Bundles Security Bypass (1.1.15)

concrete5 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-11476)

WordPress Plugin Business Directory-Easy Listing Directories for WordPress PHP Object Injection (4.1.14)

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-7416)

Severity

Medium

Classification

CVE-2015-1397 CWE-138

Tags

Missing Update Known Vulnerabilities