CVE-2023-43835

Name of the Vulnerable Software and Affected Versions Super Store Finder versions 3.7 and below

Description The issue allows for authenticated Arbitrary PHP Code Injection, potentially leading to Remote Code Execution when settings overwrite config.inc.php content.

Recommendations For Super Store Finder versions 3.7 and below, update to a version above 3.7 to resolve the issue. As a temporary workaround, consider restricting access to the config.inc.php file to minimize the risk of exploitation. Avoid using the settings overwrite feature in the affected versions until the issue is resolved.