Directory traversal vulnerability in web/ajax_pluginconf.php in the MAGMI (aka Magento Mass Importer) plugin for Magento Server allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2015-02-24T17:00:00
Updated: 2024-08-06T05:02:43.394Z
Reserved: 2015-02-24T00:00:00
Link: CVE-2015-2067
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2015-02-24T17:59:03.817
Modified: 2020-07-06T15:07:39.593
Link: CVE-2015-2067
Redhat
No data.