Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Malicious hackers can exploit a vulnerability in Magento to access credit card data

Malicious hackers can exploit a vulnerability in Magento to access credit card data

2015/04/20

Securityweek - (International) Security researchers at Check Point Software identified a security hole in unpatched versions of eBay's Magento e-commerce platform that contain remote code execution (RCE) vulnerabilities that could allow attackers to execute hypertext preprocessor (PHP) code on Web servers containing online stores in order to gain access to databases containing customers' credit card, financial, and personal information.

Source: http://www.securityweek.com/critical-flaw-magento-ecommerce-platform-exposes-online-shops

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:24:09