Vulnerabilities > Shopxo > Shopxo > 1.9.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-20 | CVE-2020-26007 | Unrestricted Upload of File with Dangerous Type vulnerability in Shopxo 1.9.0 An arbitrary file upload vulnerability in the upload payment plugin of ShopXO v1.9.0 allows attackers to execute arbitrary code via uploading a crafted PHP file. | 6.8 |
| 2022-03-20 | CVE-2020-26008 | Unrestricted Upload of File with Dangerous Type vulnerability in Shopxo 1.9.0 The PluginsUpload function in application/service/PluginsAdminService.php of ShopXO v1.9.0 contains an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via uploading a crafted PHP file. | 6.8 |