Lucene search
K

5 matches found

OSV
OSV
added 2021/03/15 5:15 p.m.15 views

CVE-2021-27817

A remote command execution vulnerability in shopxo 1.9.3 allows an attacker to upload malicious code generated by phar where the suffix is JPG, which is uploaded after modifying the phar suffix...

9.8CVSS7.3AI score
Exploits0References2
NVD
NVD
added 2021/03/15 5:15 p.m.30 views

CVE-2021-27817

A remote command execution vulnerability in shopxo 1.9.3 allows an attacker to upload malicious code generated by phar where the suffix is JPG, which is uploaded after modifying the phar suffix...

9.8CVSS0.03227EPSS
Exploits0References2
Prion
Prion
added 2021/03/15 5:15 p.m.13 views

Design/Logic Flaw

A remote command execution vulnerability in shopxo 1.9.3 allows an attacker to upload malicious code generated by phar where the suffix is JPG, which is uploaded after modifying the phar suffix...

7.5CVSS9.6AI score0.03227EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/03/15 4:41 p.m.38 views

CVE-2021-27817

A remote command execution vulnerability in shopxo 1.9.3 allows an attacker to upload malicious code generated by phar where the suffix is JPG, which is uploaded after modifying the phar suffix...

9.9AI score0.03227EPSS
Exploits0References2
CVE
CVE
added 2021/03/15 4:41 p.m.52 views

CVE-2021-27817

CVE-2021-27817 describes a remote command execution in ShopXO 1.9.3 where an attacker can upload malicious code generated by Phar with a JPG suffix after manipulating the Phar suffix. Documents consistently reference this as a ShopXO RCE affecting version 1.9.3 and involving Phar-based payloads, ...

9.8CVSS9.6AI score0.03227EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder