2024-03-21 00:00:00
mitre
PUBLISHED
An issue was discovered in osCommerce v4, allows local attackers to bypass file upload restrictions and execute arbitrary code via administrator profile photo upload feature.