Critical severity9.8OSV Advisory· Published Jan 10, 2019· Updated Jun 17, 2026
CVE-2019-5886
CVE-2019-5886
Description
An issue was discovered in ShopXO 1.2.0. In the application\install\controller\Index.php file, there is no validation lock file in the Add method, which allows an attacker to reinstall the database. The attacker can write arbitrary code to database.php during system reinstallation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: v1.1.0, v1.2.0
Patches
Vulnerability mechanics
References
1- github.com/gongfuxiang/shopxo/issues/1nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.