CVE-2020-26008

The PluginsUpload function in application/service/PluginsAdminService.php of ShopXO v1.9.0 contains an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via uploading a crafted PHP file...

Design/Logic Flaw

The PluginsUpload function in application/service/PluginsAdminService.php of ShopXO v1.9.0 contains an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via uploading a crafted PHP file...

CVE-2020-26008

The PluginsUpload function in application/service/PluginsAdminService.php of ShopXO v1.9.0 contains an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via uploading a crafted PHP file...

CVE-2020-26008

CVE-2020-26008 affects ShopXO v1.9.0, where the PluginsUpload function in application/service/PluginsAdminService.php exposes an arbitrary file upload vulnerability that allows attackers to execute arbitrary PHP code by uploading a crafted file. Technical details across sources confirm the vulner...

ShopXO 代码问题漏洞

ShopXO is an open source enterprise-level open source e-commerce system. A security vulnerability exists in ShopXO v1.9.0, which originates from the PluginsUpload function in application/service/PluginsAdminService.php contains an arbitrary file upload. An attacker can execute arbitrary code by...