CVE-2019-17188
CVE-2019-17188 describes an unrestricted file upload in catalog/productinfo/imageupload of Fecshop/FecMall 2.3.4. An attacker can bypass front-end restrictions and upload PHP code to the webserver by supplying image data with image/jpeg content type and a .php extension, due to validation relying...