Preauthorization Remote Code Execution (RCE) Vulnerability in Maian Cart v3.8 via Elfinder Plugin Access Control Issue
CVE-2021-32172 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Maian Cart v3.8 contains a preauthorization remote code execution (RCE) exploit via a broken access control issue in the Elfinder plugin.
Learn more about our Web Application Penetration Testing UK.