CVE-2021-39402
MaianAffiliate v.1.0 is suffers from code injection by adding a new product via the admin panel. The injected payload is reflected on the affiliate main page for all authenticated and unauthenticated visitors.
Date published : 2021-09-20
https://github.com/mari0x00/MaianAffiliate-Code-execution-and-XSS