Lucene search
GoogleOSV:GHSA-CV7M-WC7G-7GFPHistoryMay 06, 2021 - 6:54 p.m.
Cross-Site Request Forgery in MAGMI
2021-05-0618:54:41
Google
osv.dev
13
magmi
csrf
remote code execution
vulnerability
security issue
EPSS
0.35
Percentile
97.1%
All versions of MAGMI up to and including version 0.7.24 are vulnerable to CSRF due to the lack of CSRF tokens. RCE (via phpcli command) is possible in the event that a CSRF is leveraged against an existing admin session for MAGMI.
Related
nuclei
nuclei
MAGMI - Cross-Site Request Forgery
2020-09-04 13:19:13
cvelist
cvelist
CVE-2020-5776
2020-09-01 20:34:52
checkpoint_advisories
checkpoint_advisories
Magneto MAGMI Remote Code Execution (CVE-2020-5776)
2020-09-15 00:00:00
prion
prion
Cross site request forgery (csrf)
2020-09-01 21:15:00
github
github
Cross-Site Request Forgery in MAGMI
2021-05-06 18:54:41
cve
cve
CVE-2020-5776
2020-09-01 21:15:12
openvas
openvas
Magmi (Magento Mass Importer) <= 0.7.24 CSRF Vulnerability
2020-07-02 00:00:00
veracode
veracode
Cross-site Request Forgery (CSRF)
2020-09-02 07:19:19
nvd
nvd
CVE-2020-5776
2020-09-01 21:15:12
threatpost
threatpost
Magento Sites Vulnerable to RCE Stemming From Magmi Plugin Flaws
2020-09-01 20:19:49