Magmi 漏洞列表
共找到 6 个与 Magmi 相关的漏洞
📅 加载漏洞趋势中...
-
CVE-2015-2067: Magento Server MAGMI - Directory Traversal POC
Magento Server MAGMI (aka Magento Mass Importer) contains a directory traversal vulnerability in web/ajax_pluginconf.php. that allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. -
CVE-2017-7391: Magmi 0.7.22 - Cross-Site Scripting POC
Magmi 0.7.22 contains a cross-site scripting vulnerability due to insufficient filtration of user-supplied data (prefix) passed to the magmi-git-master/magmi/web/ajax_gettime.php URL. -
CVE-2020-5776: MAGMI - Cross-Site Request Forgery POC
MAGMI (Magento Mass Importer) is vulnerable to cross-site request forgery (CSRF) due to a lack of CSRF tokens. Remote code execution (via phpcli command) is also possible in the event that CSRF is leveraged against an existing admin session. -
CVE-2015-2067: Magento Server MAGMI - Directory Traversal POC
Magento Server MAGMI (aka Magento Mass Importer) contains a directory traversal vulnerability in web/ajax_pluginconf.php. that allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. -
CVE-2017-7391: Magmi 0.7.22 - Cross-Site Scripting POC
Magmi 0.7.22 contains a cross-site scripting vulnerability due to insufficient filtration of user-supplied data (prefix) passed to the magmi-git-master/magmi/web/ajax_gettime.php URL. -
CVE-2020-5776: MAGMI - Cross-Site Request Forgery POC
MAGMI (Magento Mass Importer) is vulnerable to cross-site request forgery (CSRF) due to a lack of CSRF tokens. Remote code execution (via phpcli command) is also possible in the event that CSRF is leveraged against an existing admin session.