1. CVE-Search
  2. CVE-2021-37764
ID CVE-2021-37764
Summary Arbitrary File Deletion vulnerability in XOS-Shop xos_shop_system 1.0.9 via current_manufacturer_image parameter to /shop/admin/manufacturers.php.
References
Vulnerable Configurations
  • cpe:2.3:a:xos-shop:xos_shop_system:1.0.9:*:*:*:*:*:*:*
    cpe:2.3:a:xos-shop:xos_shop_system:1.0.9:*:*:*:*:*:*:*
CVSS
Base: 5.5 (as of 28-06-2022 - 13:27)
Impact:
Exploitability:
CWE CWE-862
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:S/C:N/I:P/A:P
Last major update 28-06-2022 - 13:27
Published 16-06-2022 - 21:15
Last modified 28-06-2022 - 13:27
Back to Top