CyberSec.Space Logo
返回 CVE 浏览器

CVE-2021-32172

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0150%
EPSS Percentile1.93th
Published2021年10月7日
Last Modified2024年11月21日

Vulnerability Description

Maian Cart v3.8 contains a preauthorization remote code execution (RCE) exploit via a broken access control issue in the Elfinder plugin.

Affected Platforms (CPE)

📦
Maianscriptworld

Maian Cart

= 3.8

References & Advisories

🔗 http://packetstormsecurity.com/files/164445/Maian-Cart-3.8-Remote-Code-Execution.html
🔗 https://dreyand.github.io/maian-cart-rce/
🔗 https://github.com/DreyAnd/maian-cart-rce
🔗 https://www.maianscriptworld.co.uk/
🔗 http://packetstormsecurity.com/files/164445/Maian-Cart-3.8-Remote-Code-Execution.html
🔗 https://dreyand.github.io/maian-cart-rce/
🔗 https://github.com/DreyAnd/maian-cart-rce
🔗 https://www.maianscriptworld.co.uk/

相关漏洞威胁

CVE-2008-10754.3

Cross-site scripting (XSS) vulnerability in index.php in Maian Cart 1.1 allows remote attackers to inject arbitrary web script or ...

CVE-2008-22124.3

Multiple cross-site scripting (XSS) vulnerabilities in Maian Cart 1.1 allow remote attackers to inject arbitrary web script or HTM...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...