Vulnerability Database

Published: May 19, 2022
Updated: Nov 16, 2025
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2021-41938" target="_blank" rel="noopener"> CVE-2021-41938
GHSA: <a href="https://github.com/advisories/GHSA-86p5-97jr-r598" target="_blank" rel="noopener"> GHSA-86p5-97jr-r598
Severity: High
Exploit:

309,364

Total vulnerabilities in the database

An issue was discovered in ShopXO CMS 2.2.0. After entering the management page, there is an arbitrary file upload vulnerability in three locations.

CVSS v3:

CVSS v2:

CWEs:

Software	From	Fixed in
shopxo / shopxo	2.2.0	2.2.0.x
shopxo / shopxo	-	2.2.0.x

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.