Lucene search
Veracode Vulnerability DatabaseVERACODE:26573HistorySep 02, 2020 - 7:19 a.m.
Cross-site Request Forgery (CSRF)
2020-09-0207:19:19
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
EPSS
0.35
Percentile
97.1%
dweeves/magmi is vulnerable to cross-site request forgery (CSRF). Lack of proper CSRF protection and no CSRF token in place to check legitimate request allows an attacker to use an existing admin session to subsequently cause a remote code execution via phpcil command.
Related
nuclei
nuclei
MAGMI - Cross-Site Request Forgery
2020-09-04 13:19:13
cvelist
cvelist
CVE-2020-5776
2020-09-01 20:34:52
checkpoint_advisories
checkpoint_advisories
Magneto MAGMI Remote Code Execution (CVE-2020-5776)
2020-09-15 00:00:00
prion
prion
Cross site request forgery (csrf)
2020-09-01 21:15:00
github
github
Cross-Site Request Forgery in MAGMI
2021-05-06 18:54:41
cve
cve
CVE-2020-5776
2020-09-01 21:15:12
osv
osv
Cross-Site Request Forgery in MAGMI
2021-05-06 18:54:41
openvas
openvas
Magmi (Magento Mass Importer) <= 0.7.24 CSRF Vulnerability
2020-07-02 00:00:00
nvd
nvd
CVE-2020-5776
2020-09-01 21:15:12
threatpost
threatpost
Magento Sites Vulnerable to RCE Stemming From Magmi Plugin Flaws
2020-09-01 20:19:49