ZenCart Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability - CVE-2021-3291 - Vulnerability Database

ZenCart Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability - CVE-2021-3291

High
Reference: CVE-2021-3291
Title: ZenCart Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
Overview:

Zen Cart 1.5.7b allows admins to execute arbitrary OS commands by inspecting an HTML radio input element (within the modules edit page) and inserting a command.