Skip to main content
CVE-2014-8770 CRITICAL POC THREAT Emergency

Unrestricted file upload vulnerability in magmi/web/magmi.php in the MAGMI (aka Magento Mass Importer) plugin 0.7.17a and earlier for Magento Community Edition (CE) allows remote authenticated users. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 13.2%.

RCE Code Injection File Upload PHP Adobe +1
NVD Exploit-DB
CVSS 2.0
9.0
EPSS
13.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy