SecurityHome.eu Security vulnerability: Magento eCommerce SQL Injection / RFI / LFI / Command Execution

Home / vulnerabilities PDF

Magento eCommerce SQL Injection / RFI / LFI / Command Execution
Posted on 24 April 2015
Source : packetstormsecurity.org Link

RCE on the most popular eCommerce (/shopping cart) platform out there - we have been urging admins to patch for a while now.
This one is as serious as it gets, auth bypass + SQLi + RFI converted to LFI. Props to our own Netanel Rubin for the top research.
Check Point was awarded with a $20k USD bounty for this report, which we have decided to donate to charity.

Check out the complete technical analysis at http://blog.checkpoint.com/2015/04/20/analyzing-magento-vulnerability/

Cheers,

Shahar Tal
Malware & Vulnerability Research AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
Check Point Software Technologies | * +972-3-753-4536 | M +972-545-888887 | * shahartal@checkpoint.com<mailto:shahartal@checkpoint.com>

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Exploits :

Customer Support System 1.0 Cross Site Scripting
Xhibiter NFT Marketplace 1.10.2 SQL Injection
WordPress WPCode Lite 2.1.14 Cross Site Scripting
Azon Dominator Affiliate Marketing Script SQL Injection
Simple Laboratory Management System 1.0 SQL Injection

Last 20