[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FD] eBay Magento <= 1.9.2.1 XML eXternal Entity Injection (XXE) on PHP FPM

To: fulldisclosure@xxxxxxxxxxxx
Subject: [FD] eBay Magento <= 1.9.2.1 XML eXternal Entity Injection (XXE) on PHP FPM
From: Dawid Golunski <dawid@xxxxxxxxxxxxxxxx>
Date: Thu, 29 Oct 2015 17:16:44 -0200

eBay Magento CE <= 1.9.2.1 XML eXternal Entity Injection (XXE) on PHP FPM

eBay Magento EE <= 1.14.2.1


Details at:

http://legalhackers.com/advisories/eBay-Magento-XXE-Injection-Vulnerability.txt


Regards,
Dawid Golunski

http://legalhackers.com

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Prev by Date: [FD] CVE-2015-7723 - Privilege Escalation Via Symlink Attacks On POSIX Shared Memory With Insecure Permissions In AMD fglrx-driver
Next by Date: [FD] KeeFarce - A KeePass 2.x database extraction tool
Previous by thread: [FD] CVE-2015-7723 - Privilege Escalation Via Symlink Attacks On POSIX Shared Memory With Insecure Permissions In AMD fglrx-driver
Next by thread: [FD] KeeFarce - A KeePass 2.x database extraction tool
Index(es):
- Date
- Thread