Magento and Joomla RCE vulnerability endangering the platforms and their servers.
- 13/05/2015 15:54A critical Remote Code Execution (RCE) vulnerability has been found and confirmed on the e-commerce platform (owned by eBay) Magento. The vulnerability is affecting hundreds of thousands of online merchants worldwide and if exploited, the critical vulnerability could allow a hacker to compromise completely any online store powered by Magento and gain access to credit card details and other financial as well as personal information related to the customers.
The vulnerabilities that lead to remote code execution (RCE) flaw are present in the Magento core code, and affect the default installation of both Magento Community and Magento Enterprise Editions.