This module uses an Authentication Bypass vulnerability in Magento eCommerce Web Sites and a blind SQL Injection to gain arbitrary code execution on the affected system.
CVE Link
Exploit Type
Product Name