2 matches found
CVE-2014-8770
Unrestricted file upload vulnerability in magmi/web/magmi.php in the MAGMI aka Magento Mass Importer plugin 0.7.17a and earlier for Magento Community Edition CE allows remote authenticated users to execute arbitrary code by uploading a ZIP file that contains a PHP file, then accessing the PHP fil...
CVE-2014-8770
MAGMI (Magento Mass Importer) plugin for Magento CE has an Unrestricted File Upload vulnerability in magmi/web/magmi.php, affecting version 0.7.17a and earlier. The root cause is an unrestricted upload of a ZIP containing a PHP file, enabling remote authenticated users to execute arbitrary code b...