2 matches found
CVE-2021-37764
Arbitrary File Deletion vulnerability in XOS-Shop xosshopsystem 1.0.9 via currentmanufacturerimage parameter to /shop/admin/manufacturers.php...
CVE-2021-37764
CVE-2021-37764 affects XOS-Shop xos_shop_system 1.0.9. The vulnerability is described as Arbitrary File Deletion via the current_manufacturer_image parameter to /shop/admin/manufacturers.php, implying an unauthenticated or low-privilege access path that can delete files. The NVD metrics indicate ...