Vulnerability CVE-2015-6497

Vulnerability CVE-2015-6497

Published: 2020-01-15

Description:

	Topic	Author	Date
Med.	Magento <= 1.9.2 (catalogProductCreate) Autoloaded File Inclusion Vulnerability	Egidio Romano	15.09.2015

Type:

(Improper Input Validation)

CVSS Base Score	Impact Subscore	Exploitability Subscore
6.5/10	6.4/10	8/10

http://blog.mindedsecurity.com/2015/09/autoloaded-file-inclusion-in-magento.html

http://karmainsecurity.com/KIS-2015-04

http://magento.com/security/patches/supee-6482

http://packetstormsecurity.com/files/133544/Magento-1.9.2-File-Inclusion.html

http://seclists.org/fulldisclosure/2015/Sep/48