Exploitation Summary
CVE-2015-1397 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 5 public exploits from researchers including Manish Tanwar, WHOISshuvam, 0xDTC.
AI-analyzed exploit summary This exploit targets CVE-2015-1397, a SQL injection vulnerability in Magento's admin panel. It creates an admin account with credentials 'forme:forme' by injecting a malicious payload into the 'Cms_Wysiwyg' directive endpoint.
Description
SQL injection vulnerability in the getCsvFile function in the Mage_Adminhtml_Block_Widget_Grid class in Magento Community Edition (CE) 1.9.1.0 and Enterprise Edition (EE) 1.14.1.0 allows remote administrators to execute arbitrary SQL commands via the popularity[field_expr] parameter when the popularity[from] or popularity[to] parameter is set.
Exploits (5)
This exploit targets CVE-2015-1397, a SQL injection vulnerability in Magento's admin panel. It creates an admin account with credentials 'forme:forme' by injecting a malicious payload into the 'Cms_Wysiwyg' directive endpoint.
This PoC exploits CVE-2015-1397, a SQL injection vulnerability in Magento's admin interface, allowing an attacker to create an admin user with arbitrary credentials. The exploit leverages a directive in the Magento admin panel to execute malicious SQL queries.
This repository contains a Bash script that exploits CVE-2015-1397, a SQL injection vulnerability in Magento, to create a new admin user. The script dynamically constructs and sends a Base64-encoded payload to the vulnerable endpoint.
This repository contains a two-stage exploit for CVE-2015-1397, targeting Magento CMS. The first stage (exploit.py) performs SQL injection to create an admin user, while the second stage (post_auth.py) leverages PHP object deserialization to achieve remote code execution.
This PowerShell script exploits CVE-2015-1397, a SQL injection vulnerability in Magento's admin interface. It crafts a malicious payload to create an admin user via the Cms_Wysiwyg directive endpoint.