4 matches found
CVE-2021-3291
Zen Cart 1.5.7b allows admins to execute arbitrary OS commands by inspecting an HTML radio input element within the modules edit page and inserting a command...
Zen Cart 1.5.7b Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This exploit write payload in database and trig to command a bug in an zencart v1.5.7b web application class MetasploitModule 'zencart authenticated remote code executio...
CVE-2021-3291
creationtimestamp| type| source ---|---|--- 2021-03-02 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/49608 2021-03-02 10:38:13+00:00| published-proof-of-concept| https://t.me/cKure/4147 2021-09-21 06:42:51+00:00| published-proof-of-concept| https://t.me/pwnwikizhchannel/99...
CVE-2021-3291
CVE-2021-3291 affects Zen Cart 1.5.7b. The vulnerability allows an authenticated admin to execute arbitrary OS commands by inspecting an HTML radio input element on the modules edit page and inserting a command. The provided connected documents describe the impact and PoC/exploit references but d...