Advertisement
Top

Zero-Day in Magento plug-in could allow attacker to steal data

October 14, 2015

Via: hacker
Category:

Researchers at Trustwave spotted a zero-day #exploit in the Magmi plugin for the #magento e-commerce platform that can be used by an attacker to access #credentials and potentially gain complete control of the a user’s Magento database.

The vulnerability exists in Magmi version 0.7.21 and prior when downloaded from SourceForge however, versions downloaded from Github are not currently vulnerable.

Read More

RELATED PUBLICATIONS

Info stealer attacks target macOS users
Massachusetts Health Insurer Data Breach Impacts 2.8 Million
INC Ransom claims responsibility for attack on NHS Scotland

Latest Publications

AI set to play key role in future phishing attacks
U.S. Gov imposed Visa restrictions on 13 individuals linked to commercial spyware activity
5 Hard Truths About the State of Cloud Security 2024
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!