Magento CMS 'RetrieveImage.php' Arbitrary File Upload Vulnerability

Bugtraq ID: 97642
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Apr 03 2017 12:00AM
Updated: Apr 18 2017 12:06AM
Credit: Bosko Stankovic
Vulnerable: Magento Community Edition 2.0.6
Magento Community Edition 2.0.5
Magento Community Edition 2.0.4
Magento Community Edition 2.0.3
Magento Community Edition 2.0.2
Magento Community Edition 2.1.6
Magento Community Edition 2.0.1
Magento Community Edition 1.9.3.2
Magento Community Edition 1.9.3
Magento Community Edition 1.9.2.3
Magento Community Edition 1.9.2.2
Magento Community Edition 1.9.2.1
Magento Community Edition 1.9.2.0
Magento Community Edition 1.9.1.0
Magento Community Edition 1.8.1
Magento Community Edition 1.7.0.2
Magento Community Edition 1.7.0.1
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus