Lucene search
K

CVE-2021-32172

🗓️ 07 Oct 2021 10:18:09Reported by mitreType 
cve
 cve
🔗 web.nvd.nist.gov👁 114 Views🌐 WEB

Maian Cart v3.8 preauthorization RCE exploit via broken access control in Elfinder plugin

Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
0day.today
Maian-Cart 3.8 - Remote Code Execution (Unauthenticated) Exploit
8 Oct 202100:00
zdt
Circl
CVE-2021-32172
27 Apr 202309:58
circl
CNNVD
Maian Script World Maian Cart 安全漏洞
7 Oct 202100:00
cnnvd
Cvelist
CVE-2021-32172
7 Oct 202110:18
cvelist
Exploit DB
Maian-Cart 3.8 - Remote Code Execution (RCE) (Unauthenticated)
8 Oct 202100:00
exploitdb
Nuclei
Maian Cart <=3.8 - Remote Code Execution
30 Jun 202604:56
nuclei
NVD
CVE-2021-32172
7 Oct 202111:15
nvd
OSV
CVE-2021-32172
7 Oct 202111:15
osv
Packet Storm
Maian-Cart 3.8 Remote Code Execution
8 Oct 202100:00
packetstorm
Prion
Improper access control
7 Oct 202111:15
prion
Rows per page
NVD
ParameterPositionPathDescriptionCWE
pquery paramadmin/index.php?p=ajax-ops&op=elfinder&cmd=mkfile&name=shell.php&target=l1_LwPre-auth RCE via broken access control in elFinder: creates a shell file (shell.php) on the server.CWE-862
opquery paramadmin/index.php?p=ajax-ops&op=elfinder&cmd=mkfile&name=shell.php&target=l1_LwPre-auth RCE via broken access control in elFinder: creates a shell file (shell.php) on the server.CWE-862
cmdquery paramadmin/index.php?p=ajax-ops&op=elfinder&cmd=mkfile&name=shell.php&target=l1_LwPre-auth RCE via broken access control in elFinder: creates a shell file (shell.php) on the server.CWE-862
namequery paramadmin/index.php?p=ajax-ops&op=elfinder&cmd=mkfile&name=shell.php&target=l1_LwPre-auth RCE via broken access control in elFinder: creates a shell file (shell.php) on the server.CWE-862
targetquery paramadmin/index.php?p=ajax-ops&op=elfinder&cmd=mkfile&name=shell.php&target=l1_LwPre-auth RCE via broken access control in elFinder: creates a shell file (shell.php) on the server.CWE-862
cmdrequest bodyadmin/index.php?p=ajax-ops&op=elfinderWrites PHP payload to the previously created file using elFinder put command.CWE-862
targetrequest bodyadmin/index.php?p=ajax-ops&op=elfinderWrites PHP payload to the previously created file using elFinder put command.CWE-862
contentrequest bodyadmin/index.php?p=ajax-ops&op=elfinderWrites PHP payload to the previously created file using elFinder put command.CWE-862
cmdpathproduct-downloads/shell.phpExecute commands on the server via the uploaded PHP shell.CWE-862
cmdquery paramadmin/index.php?p=ajax-ops&op=elfinder&cmd=rm&targets%5B%5D={file_id}Cleanup: remove the uploaded shell file using elFinder rm command.CWE-862
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

17 Jun 2026 03:52Current
9.7High risk
Vulners AI Score9.7
CVSS 27.5
CVSS 3.19.8
EPSS0.66433
114