Lucene search
GitHub Advisory DatabaseGHSA-C252-XC8V-MQMMHistoryMay 13, 2022 - 1:25 a.m.
MAGMI plugin for Magento Server Directory Traversal
2022-05-1301:25:27
CWE-22
GitHub Advisory Database
github.com
12
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.007 Low
EPSS
Percentile
80.3%
Directory traversal vulnerability in web/ajax_pluginconf.php in the MAGMI (aka Magento Mass Importer) plugin for Magento Server allows remote attackers to read arbitrary files via a … (dot dot) in the file parameter.
| CPE | Name | Operator | Version |
|---|---|---|---|
| dweeves/magmi | le | 0.7.21 |
Related
osv
osv
MAGMI plugin for Magento Server Directory Traversal
2022-05-13 01:25:27
veracode
veracode
Directory Traversal
2017-07-30 19:29:17
prion
prion
Directory traversal
2015-02-24 17:59:00
nuclei
nuclei
Magento Server MAGMI - Directory Traversal
2021-10-11 11:24:36
cve
cve
CVE-2015-2067
2015-02-24 17:59:00
openvas
openvas
Magmi (Magento Mass Importer) < 0.7.22 XSS / LFI Vulnerability
2015-02-06 00:00:00
impervablog
impervablog
CrimeOps of the KashmirBlack Botnet – Part II
2020-10-22 18:55:05
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.007 Low
EPSS
Percentile
80.3%
Related for GHSA-C252-XC8V-MQMM