CVE-2022-36580
CVE-2022-36580 affects Online Ordering System v2.3.2 via the /admin/products/controller.php?action=add component, enabling arbitrary code execution through an crafted PHP file due to an arbitrary file upload vulnerability. Public sources in the connected documents reiterate the exact vulnerable c...