Magento eCommerce Web Sites Remote Code Execution Exploit

Magento eCommerce Web Sites suffers from a Authentication Bypass Vulnerability, a Blind SQL Injection Vulnerability and a Remote File Inclusion Vulnerability. These 3 vulnerabilities, allows an attacker to gain arbitrary code execution on the affected system.
Platform: 
Vulnerabilty ID: 
CVE-2015-1397
Product Version: 
2015_R1
Released Date: 
Monday, September 7, 2015 - 00:00