Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.108810
Kategorie:Web application abuses
Titel:Magmi (Magento Mass Importer) <= 0.7.17a Unrestricted File Upload Vulnerability
Zusammenfassung:Magmi is prone to an unrestricted file upload vulnerability.
Beschreibung:Summary:
Magmi is prone to an unrestricted file upload vulnerability.

Vulnerability Insight:
Remote authenticated users are able to execute arbitrary code by
uploading a ZIP file that contains a PHP file, then accessing the PHP file via a direct request
to it in magmi/plugins/.

Affected Software/OS:
Magmi versions 0.7.17a and earlier.

Solution:
No known solution was made available for at least one year since
the disclosure of this vulnerability. Likely none will be provided anymore. General solution options
are to upgrade to a newer release, disable respective features, remove the product or replace the
product by another one.

CVSS Score:
9.0

CVSS Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2014-8770
http://www.exploit-db.com/exploits/35052
http://osvdb.org/show/osvdb/113848
CopyrightCopyright (C) 2020 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.