Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
SQL Injection exists in Advanced Newsletter Magento extension before 2.3.5 via the /store/advancednewsletter/index/subscribeajax/an_category_id/ PATH_INFO.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Magento Advanced Newsletter SQL注入漏洞
Vulnerability Description
Magento是美国Magento公司的一套开源的PHP电子商务系统。该系统提供权限管理、搜索引擎和支付网关等功能。Advanced Newsletter是其中的一个电子邮件营销插件。 Magento Advanced Newsletter 2.3.5之前版本中存在SQL注入漏洞。攻击者可利用该漏洞执行任意的SQL命令。
CVSS Information
N/A
Vulnerability Type
N/A