Search 187964 CVE descriptions
and 85075 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Web application abuses
Title:Magmi (Magento Mass Importer) <= 0.7.17a Unrestricted File Upload Vulnerability
Summary:Magmi is prone to an unrestricted file upload vulnerability.
Magmi is prone to an unrestricted file upload vulnerability.

Vulnerability Insight:
Remote authenticated users are able to execute arbitrary code by
uploading a ZIP file that contains a PHP file, then accessing the PHP file via a direct request
to it in magmi/plugins/.

Affected Software/OS:
Magmi versions 0.7.17a and earlier.

No known solution was made available for at least one year since
the disclosure of this vulnerability. Likely none will be provided anymore. General solution options
are to upgrade to a newer release, disable respective features, remove the product or replace the
product by another one.

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2014-8770
CopyrightCopyright (C) 2020 Greenbone Networks GmbH

This is only one of 85075 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2020 E-Soft Inc. All rights reserved.