Critical Magento SQL injection flaw could be targeted by hackers soon
The Magento content management system used by thousands of online shops has received fixes for several serious vulnerabilities, including an unauthenticated SQL injection flaw that’s likely to soon become a target for attackers.
Magento, an Adobe-owned company since 2018, released security patches for 37 security issues affecting both the commercial and open-source versions of its platform. Exploitation of the flaws can enable remote code execution, SQL injection, cross-site scripting, privilege escalation, information disclosure and spamming.
Read more: Critical Magento SQL injection flaw could be targeted by hackers soon
Story added 29. March 2019, content source with full text you can find at link above.