CVE-2021-38847

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2021-38847
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-38847.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-38847
Published
2021-11-01T15:15:07Z
Modified
2024-09-03T03:55:31.010489Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

S-Cart v6.4.1 and below was discovered to contain an arbitrary file upload vulnerability in the Editor module on the Admin panel. This vulnerability allows attackers to execute arbitrary code via a crafted IMG file.

References

Affected packages

Git / github.com/s-cart/core

Affected ranges

Type
GIT
Repo
https://github.com/s-cart/core
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Type
GIT
Repo
https://github.com/s-cart/s-cart
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected

Affected versions

4.*

4.0.0
4.0.0-beta
4.0.1
4.0.1.1
4.0.1.2
4.0.1.3
4.0.1.4
4.0.1.5
4.1.0
4.1.0.1
4.1.0.2
4.1.0.3
4.1.0.4
4.1.0.5
4.1.1
4.2.0
4.2.1
4.2.1.1
4.2.1.2
4.2.1.3
4.2.1.4
4.2.1.5
4.2.2.0
4.2.2.1
4.2.2.2
4.3.0
4.3.0.1
4.3.1
4.3.1.1
4.3.1.2
4.3.2
4.3.2.0
4.4.0-beta
4.4.0.0
4.4.0.1
4.4.0.2
4.4.0.3
4.4.0.4
4.4.0.5
4.4.1.0
4.4.1.1
4.4.2.0
4.5.0
4.5.1
4.5.2

5.*

5.0-beta
5.0.0
5.0.0-beta
5.0.1
5.0.2
5.0.2.1
5.0.3
5.0.4
5.0.5
5.0.6
5.0.6.1
5.0.6.2

6.*

6.0-beta
6.0.1
6.0.2
6.0.2.1
6.0.2.2
6.0.2.3
6.0.3
6.0.3.1
6.0.3.2
6.0.3.3
6.0.3.4
6.0.4
6.0.4.1
6.0.4.2
6.0.4.3
6.0.4.4
6.0.4.5
6.0.4.6
6.0.5.0
6.0.5.1
6.0.5.2
6.0.5.3
6.0.5.4
6.0.6
6.0.6.1
6.0.6.2
6.0.6.3
6.0.6.4
6.1.0.0
6.1.0.1
6.1.0.2
6.1.0.3
6.1.1.0
6.1.1.1
6.1.2
6.2.0
6.2.1
6.2.1.1
6.2.1.2
6.2.1.3
6.2.1.4
6.2.1.5
6.2.1.6
6.2.1.7
6.2.1.8
6.2.2.0
6.2.2.1
6.2.2.2
6.2.2.3
6.2.3.0
6.2.3.1
6.2.3.2
6.2.3.3
6.2.3.4
6.2.3.5
6.2.3.6
6.2.3.7
6.3.0
6.3.0-beta
6.3.0.1
6.3.0.2
6.3.0.3
6.3.0.4
6.3.1
6.3.1.1
6.3.1.2
6.3.1.3
6.3.3.0
6.3.3.1
6.3.3.2
6.3.3.3
6.3.3.4
6.3.3.5
6.3.3.6
6.4
6.4.0.0
6.4.0.1
6.4.0.2
6.4.0.3
6.4.0.4
6.4.0.5
6.4.0.6
6.4.1.0

v.*

v.6.0.5

v1.*

v1.0-beta
v1.0.0
v1.0.1
v1.0.2
v1.0.3
v1.0.4
v1.0.5
v1.1.0

v2.*

v2.0.0
v2.0.1
v2.0.2
v2.1.0
v2.1.1
v2.1.10
v2.1.11
v2.1.12
v2.1.13
v2.1.14
v2.1.15
v2.1.16
v2.1.18
v2.1.19
v2.1.2
v2.1.20
v2.1.3
v2.1.4
v2.1.5
v2.1.6
v2.1.7
v2.1.8
v2.1.9

v3.*

v3.0.0
v3.0.1
v3.0.2
v3.0.3
v3.0.4
v3.0.5
v3.0.6
v3.0.7
v3.1-beta
v3.1-beta2
v3.1.0
v3.1.1
v3.1.3
v3.1.4

v4.*

v4.0.0
v4.0.0-beta
v4.0.1
v4.1.0
v4.2
v4.2.0
v4.3
v4.3.2
v4.4
v4.4.0-beta
v4.5

v5.*

v5.0
v5.0-beta
v5.0.3
v5.0.4
v5.0.5
v5.0.6
v5.1-beta

v6.*

v6.0
v6.0-beta
v6.0-beta2
v6.0-beta3
v6.0.1
v6.0.5
v6.0.6
v6.1
v6.1.1
v6.2
v6.2.0
v6.2.1
v6.2.3
v6.2.3.1
v6.2.3.2
v6.3
v6.3.0
v6.3.1
v6.3.2
v6.3.2.1
v6.3.2.2
v6.3.2.3
v6.3.3.0
v6.3.3.1
v6.3.3.3
v6.3.3.4
v6.3.4.0
v6.4
v6.4.0.1
v6.4.1