| Max CVSS | 6.5 | Min CVSS | 6.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-1399 | 6.5 |
PHP remote file inclusion vulnerability in the fetchView function in the Mage_Core_Block_Template_Zend class in Magento Community Edition (CE) 1.9.1.0 and Enterprise Edition (EE) 1.14.1.0 allows remote administrators to execute arbitrary PHP code via
|
01-04-2016 - 18:36 | 29-04-2015 - 22:59 | |
| CVE-2015-1397 | 6.5 |
SQL injection vulnerability in the getCsvFile function in the Mage_Adminhtml_Block_Widget_Grid class in Magento Community Edition (CE) 1.9.1.0 and Enterprise Edition (EE) 1.14.1.0 allows remote administrators to execute arbitrary SQL commands via the
|
12-05-2015 - 02:03 | 29-04-2015 - 22:59 | |
| CVE-2015-1398 | 6.5 |
Multiple directory traversal vulnerabilities in Magento Community Edition (CE) 1.9.1.0 and Enterprise Edition (EE) 1.14.1.0 allow remote authenticated users to include and execute certain PHP files via (1) .. (dot dot) sequences in the PATH_INFO to i
|
12-05-2015 - 02:03 | 29-04-2015 - 22:59 |