N/A

Multiple directory traversal vulnerabilities in Magento Community Edition (CE) 1.9.1.0 and Enterprise Edition (EE) 1.14.1.0 allow remote authenticated users to include and execute certain PHP files via (1) .. (dot dot) sequences in the PATH_INFO to index.php or (2) vectors involving a block value in the ___directive parameter to the Cms_Wysiwyg controller in the Adminhtml module, related to the blockDirective function and the auto loading mechanism. NOTE: vector 2 might not cross privilege boundaries, since administrators might already have the privileges to execute code and upload files.

N/A

N/A

Magento Community Edition和Enterprise Edition 目录遍历漏洞

Magento是美国Magento公司的一套开源的PHP电子商务系统，它提供权限管理、搜索引擎和支付网关等功能。Magento Community Edition（CE）是一个社区版。Magento Enterprise Edition（EE）是一个企业版。 Magento CE 1.9.1.0版本和EE 1.14.1.0版本中存在目录遍历漏洞，该漏洞源于index.php脚本没有充分过滤PATH_INFO值中的目录遍历字符‘..’；Adminhtml模块中的Cms_Wysiwyg控制器没有充分过滤‘th

N/A

N/A