Magento SQL Injection Vulnerability

Publish Date: 24 novembre 2016

• Email
• Facebook
• 
  Twitter
• Google+
• Linkedin

  Gravité: : Critique

  Identifiant(s) CVE: : CVE-2015-1397

---

  Description

SQL injection vulnerability in Magento 1.9.1.0 CE and 1.14.1.0 EE allows remote attackers to execute arbitrary SQL commands.

  Information Exposure Rating:

Apply associated Trend Micro DPI Rules.

  Solutions

  Trend Micro Deep Security DPI Rule Number: 1000608

  Trend Micro Deep Security DPI Rule Name: 1000608 - Generic SQL Injection Prevention

  Affected software and version:

• Magento