Security Advisory
CVE-2022-36580
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
An arbitrary file upload vulnerability in the component /admin/products/controller.php?action=add of Online Ordering System v2.3.2 allows attackers to execute arbitrary code via a crafted PHP file.