VYPR
Unrated severityNVD Advisory· Published Aug 31, 2022· Updated Aug 3, 2024

CVE-2022-36580

CVE-2022-36580

Description

An arbitrary file upload vulnerability in the component /admin/products/controller.php?action=add of Online Ordering System v2.3.2 allows attackers to execute arbitrary code via a crafted PHP file.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.