CVE-2021-38847
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2021-38847
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-38847.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2021-38847
- Published
- 2021-11-01T15:15:07.940Z
- Modified
- 2025-11-14T12:08:19.709663Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
S-Cart v6.4.1 and below was discovered to contain an arbitrary file upload vulnerability in the Editor module on the Admin panel. This vulnerability allows attackers to execute arbitrary code via a crafted IMG file.
- References
Affected packages
Git / github.com/s-cart/core
Affected ranges
- Type
- GIT
- Repo
- https://github.com/s-cart/core
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
4.*
4.0.0
4.0.0-beta
4.0.1
4.0.1.1
4.0.1.2
4.0.1.3
4.0.1.4
4.0.1.5
4.1.0
4.1.0.1
4.1.0.2
4.1.0.3
4.1.0.4
4.1.0.5
4.1.1
4.2.0
4.2.1
4.2.1.1
4.2.1.2
4.2.1.3
4.2.1.4
4.2.1.5
4.2.2.0
4.2.2.1
4.2.2.2
4.3.0
4.3.0.1
4.3.1
4.3.1.1
4.3.1.2
4.3.2
4.3.2.0
4.4.0-beta
4.4.0.0
4.4.0.1
4.4.0.2
4.4.0.3
4.4.0.4
4.4.0.5
4.4.1.0
4.4.1.1
4.4.2.0
4.5.0
4.5.1
4.5.2
5.*
5.0-beta
5.0.0
5.0.0-beta
5.0.1
5.0.2
5.0.2.1
5.0.3
5.0.4
5.0.5
5.0.6
5.0.6.1
5.0.6.2
6.*
6.0-beta
6.0.1
6.0.2
6.0.2.1
6.0.2.2
6.0.2.3
6.0.3
6.0.3.1
6.0.3.2
6.0.3.3
6.0.3.4
6.0.4
6.0.4.1
6.0.4.2
6.0.4.3
6.0.4.4
6.0.4.5
6.0.4.6
6.0.5.0
6.0.5.1
6.0.5.2
6.0.5.3
6.0.5.4
6.0.6
6.0.6.1
6.0.6.2
6.0.6.3
6.0.6.4
6.1.0.0
6.1.0.1
6.1.0.2
6.1.0.3
6.1.1.0
6.1.1.1
6.1.2
6.2.0
6.2.1
6.2.1.1
6.2.1.2
6.2.1.3
6.2.1.4
6.2.1.5
6.2.1.6
6.2.1.7
6.2.1.8
6.2.2.0
6.2.2.1
6.2.2.2
6.2.2.3
6.2.3.0
6.2.3.1
6.2.3.2
6.2.3.3
6.2.3.4
6.2.3.5
6.2.3.6
6.2.3.7
6.3.0
6.3.0-beta
6.3.0.1
6.3.0.2
6.3.0.3
6.3.0.4
6.3.1
6.3.1.1
6.3.1.2
6.3.1.3
6.3.3.0
6.3.3.1
6.3.3.2
6.3.3.3
6.3.3.4
6.3.3.5
6.3.3.6
6.4
6.4.0.0
6.4.0.1
6.4.0.2
6.4.0.3
6.4.0.4
6.4.0.5
6.4.0.6
6.4.1.0