4 matches found
MAGMI - Cross-Site Request Forgery
MAGMI Magento Mass Importer is vulnerable to cross-site request forgery CSRF due to a lack of CSRF tokens. Remote code execution via phpcli command is also possible in the event that CSRF is leveraged against an existing admin session. id: CVE-2020-5776 info: name: MAGMI - Cross-Site Request...
CVE-2020-5776
creationtimestamp| type| source ---|---|--- 2025-01-26 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2025-01-26 2025-02-07 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2025-02-07 2025-02-17 00:00:00+00:00| seen| The Shadowserver...
Magneto MAGMI Remote Code Execution (CVE-2020-5776)
A remote code execution vulnerability exists in Magneto MAGMI. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2020-5776
CVE-2020-5776 affects MAGMI (Magento Mass Importer). MAGMI is vulnerable to cross-site request forgery (CSRF) due to lack of CSRF tokens, and CSRF could be leveraged to achieve remote code execution (RCE) via the phpcli command when an admin session is present. Affected versions include all MAGMI...