POST /downloader/index.php?A=install&p=../../../../app/etc/local.xml --data "config[protocol]=phar://...&config[channels]=../../../../media/%00"
Magento 1.9.0.0 is an legacy version of the e-commerce platform that has reached its end-of-life (EOL) and contains several critical vulnerabilities that can be exploited for Remote Code Execution (RCE) and SQL injection. Key Vulnerabilities for Magento 1.9.0.0 magento 1.9.0.0 exploit github
Magento CE < 1.9.0.1 - (Authenticated) Remote Code Execution POST /downloader/index