Magento Server MAGMI is prone to cross site scripting and local file inclusion vulnerabilities.
Remote attackers can use specially crafted requests with directory- traversal sequences ('../') to read arbitrary files in the context of the application. This may aid in further attacks.
Ask the Vendor for an update.
Send a special crafted HTTP GET request and check the response