High severity7.2NVD Advisory· Published Mar 10, 2022· Updated Jun 17, 2026
CVE-2022-26521
CVE-2022-26521
Description
Abantecart through 1.3.2 allows remote authenticated administrators to execute arbitrary code by uploading an executable file, because the Catalog>Media Manager>Images settings can be changed by an administrator (e.g., by configuring .php to be a valid image file type).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3(expand)+ 1 more
- (no CPE)
- (no CPE)range: <=1.3.2
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.