Описание
MAGMI plugin for Magento Server Directory Traversal
Directory traversal vulnerability in web/ajax_pluginconf.php in the MAGMI (aka Magento Mass Importer) plugin for Magento Server allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
Пакеты
Наименование
dweeves/magmi
composer
Затронутые версииВерсия исправления
<= 0.7.21
Отсутствует
Связанные уязвимости
nvd
почти 11 лет назад
Directory traversal vulnerability in web/ajax_pluginconf.php in the MAGMI (aka Magento Mass Importer) plugin for Magento Server allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.