Magento e-commerce web platform vulnerability

Check Point researchers recently discovered a critical RCE (remote code execution) vulnerability in the Magento web e-commerce platform that can lead to the complete compromise of any Magento-based store. The vulnerability is actually comprised of a chain of several vulnerabilities that ultimately allow an unauthenticated attacker to execute PHP code on the web server. Magento is a popular eCommerce platform used by eBay. 

A patch to address the flaws was released on February 9, 2015 (SUPEE-5344 available here).

To read more go here – http://blog.checkpoint.com/2015/04/20/analyzing-magento-vulnerability/

Leave a Comment

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top