Br4Nd0Nsu3O

**Name of the Vulnerable Software and Affected Versions** ShopXO CMS version 2.2.0 **Description** An issue was discovered in ShopXO CMS, where after entering the management page, there is an arbitrary file upload vulnerability in three locations. **Recommendations** For ShopXO CMS version 2.2.0, consider restricting access to the file upload functionality until a patch is available. As a temporary workaround, disabling the file upload feature in the management page may help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.