CVE-2021-46820

EPSS 0.14% · P34 Updated Feb 25, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-46820

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Arbitrary File Deletion vulnerability in XOS-Shop xos_shop_system 1.0.9 via current_manufacturer_image parameter to /shop/admin/categories.php

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

XOS-Shop xos_shop_system 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

xos_shop_system是XOS-Shop开源的一款功能强大的电子商务购物车和 CMS 软件。 XOS-Shop xos_shop_system 1.0.9存在安全漏洞，该漏洞源于通过 /shop/admin/categories.php 的 current_manufacturer_image 参数发现存在任意文件删除漏洞。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2021-46820

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-46820

请登录查看更多情报信息。

Other References for CVE-2021-46820 (1)

https://github.com/XOS-Shop/xos_shop_system/issues/1x_refsource_MISC

https://nvd.nist.gov/vuln/detail/CVE-2021-46820

Same Patch Batch · n/a · 2022-06-16 · 65 CVEs total

CVE-2022-27531		Autodesk 3ds Max 缓冲区错误漏洞
CVE-2021-41402		flatCore 代码注入漏洞
CVE-2022-31291		dlt-daemon 资源管理错误漏洞
CVE-2022-2085		Artifex Software Ghostscript 代码问题漏洞
CVE-2021-41458		GPAC 缓冲区错误漏洞
CVE-2022-31910		Online Tutor Portal Site 跨站脚本漏洞
CVE-2022-31911		Online Discussion Forum Site SQL注入漏洞
CVE-2022-31912		Online Tutor Portal Site SQL注入漏洞
CVE-2022-31913		Sourcecodester Online Discussion Forum Site 跨站脚本漏洞
CVE-2022-31914		Zoo Management System 跨站脚本漏洞
CVE-2022-31849		MERCURY MIPC451-4 命令注入漏洞
CVE-2022-27532		Autodesk 3ds Max 缓冲区错误漏洞
CVE-2022-22953		VMware HCX 信息泄露漏洞
CVE-2022-31384		Directory Management System SQL注入漏洞
CVE-2022-31383		Directory Management System SQL注入漏洞
CVE-2021-41420		MaianAffiliate 跨站脚本漏洞
CVE-2022-31382		Directory Management System SQL注入漏洞
CVE-2022-29865		OPC UA .NET Standard Stack 授权问题漏洞
CVE-2021-41421		MaianAffiliate 代码问题漏洞
CVE-2022-31298		Haraj 跨站脚本漏洞

Showing top 20 of 65 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2021-46820

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2021-46820

I. Basic Information for CVE-2021-46820

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2021-46820

III. Intelligence Information for CVE-2021-46820

Other References for CVE-2021-46820 (1)

Same Patch Batch · n/a · 2022-06-16 · 65 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2021-46820

Leave a comment