CVE-2015-2067 (MEDIUM) CVSS 5.0

🟡 Severity: MEDIUM (CVSS 5.0)

Directory traversal vulnerability in web/ajax_pluginconf.php in the MAGMI (aka Magento Mass Importer) plugin for Magento Server allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.

Published: 2015-02-24
Last Modified: 2026-05-06 ⚠️

References:

• packetstormsecurity.com/files/130…
• www.exploit-db.com/exploits/…
• www.securityfocus.com/bid/74881
• packetstormsecurity.com/files/130…
• www.exploit-db.com/exploits/…

View Full CVE Details on NIST NVD →