Directory traversal vulnerability in web/ajax_pluginconf.php in the MAGMI (aka Magento Mass Importer) plugin for Magento Server allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
View Full Alert
Related Posts
CVE-2015-8313GnuTLS incorrectly validates the first byte of padding in CBC modes View Full Alert
CVE-2015-6960edx-platform before 2015-09-17 allows XSS via a team name. View Full Alert
CVE-2015-0565NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks possible. View Full Alert
