shopxo/shopxo is vulnerable to arbitrary file upload. The vulnerability exists in three locations because the upload functions are not properly restricted which allows an attacker to upload malicious files.
CPE | Name | Operator | Version |
---|---|---|---|
shopxo/shopxo | eq | v2.2.0 | |
shopxo/shopxo | eq | v2.2.0 |