11 matches found
EUVD-2022-1936
Malicious code in bioql PyPI...
CVE-2014-8770
Unrestricted file upload vulnerability in magmi/web/magmi.php in the MAGMI aka Magento Mass Importer plugin 0.7.17a and earlier for Magento Community Edition CE allows remote authenticated users to execute arbitrary code by uploading a ZIP file that contains a PHP file, then accessing the PHP fil...
Magento Sites Vulnerable to RCE Stemming From Magmi Plugin Flaws
Researchers have disclosed two flaws that could enable remote code execution attacks on the Magento Mass Import Magmi plugin, an open source database client that imports data into Magento. Magmi is a Magento database client written in PHP, which is used to perform raw bulk operations on the model...
Magento E-Commerce Platform Magmi Plugin Information Disclosure
An information disclosure vulnerability has been discovered in Magento e-commerce platform Magmi Plugin. Successful exploitation results in access to Magento site credentials and database encryption key...
Magento Server MAGMI plugin cross-site scripting vulnerability
Magento is the United States Magento company's set of professional open source PHP e-commerce system , it provides rights management , search engine and payment gateway features such as Magento Server is the Magento server . MAGMI aka Magento Mass Importer is one of the product catalogs used to...
Magento Server MAGMI plugin directory traversal vulnerability
Magento is the United States Magento company's set of professional open source PHP e-commerce system , it provides rights management , search engine and payment gateway features such as Magento Server is the Magento server . MAGMI aka Magento Mass Importer is one of the product catalogs used to...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the MAGMI aka Magento Mass Importer plugin for Magento Server allow remote attackers to inject arbitrary web script or HTML via the 1 profile parameter to web/magmi.php or 2 QUERYSTRING to web/magmiimportrun.php...
Magento Server MAGMI Plugin - Multiple Vulnerabilities
Exploit Title: Magento Server MAGMI Plugin Local File Inclusion And Cross Site Scripting Software Link: http://sourceforge.net/projects/magmi/ Author: SECUPENT Website:www.secupent.com Email: researchatsecupentdotcom Date: 5-2-2015 ExploitLocal file inclusion :...
CVE-2014-8770
Unrestricted file upload vulnerability in magmi/web/magmi.php in the MAGMI aka Magento Mass Importer plugin 0.7.17a and earlier for Magento Community Edition CE allows remote authenticated users to execute arbitrary code by uploading a ZIP file that contains a PHP file, then accessing the PHP fil...
Unrestricted file upload
Unrestricted file upload vulnerability in magmi/web/magmi.php in the MAGMI aka Magento Mass Importer plugin 0.7.17a and earlier for Magento Community Edition CE allows remote authenticated users to execute arbitrary code by uploading a ZIP file that contains a PHP file, then accessing the PHP fil...
CVE-2014-8770
Unrestricted file upload vulnerability in magmi/web/magmi.php in the MAGMI aka Magento Mass Importer plugin 0.7.17a and earlier for Magento Community Edition CE allows remote authenticated users to execute arbitrary code by uploading a ZIP file that contains a PHP file, then accessing the PHP fil...