MAGMI is vulnerable to a remote authentication bypass due to allowing default credentials in the event there is a database connection failure. A remote attacker can trigger this connection failure if the Mysql setting max_connections where the default is and is lower than Apache (or another web server) setting for MaxRequestWorkers, formerly MaxClients, where the default is This can be done by sending at least simultaneous requests to the Magento …
MAGMI is vulnerable to CSRF due to the lack of anti-CSRF tokens. RCE (via phpcli command) is possible in the event that a CSRF is leveraged against an existing admin session for MAGMI.
An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.
Directory traversal vulnerability in web/ajax_pluginconf.php in the MAGMI (aka Magento Mass Importer) plugin for Magento Server allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
Multiple cross-site scripting (XSS) vulnerabilities in the MAGMI (aka Magento Mass Importer) plugin for Magento Server allow remote attackers to inject arbitrary web script or HTML via the (1) profile parameter to web/magmi.php or (2) QUERY_STRING to web/magmi_import_run.php.
MAGMI (MAGento Mass Importer) suffers from File inclusion vulnerability (RFI) which allows an attacker to upload essentially any PHP file (without any sanity checks). This PHP file could then be used to skim credit card data, rewrite files, run remote commands, delete files, etc. Essentially, this gives attacker ability to execute remote commands on the vulnerable server.