Curlyyy

**Name of the Vulnerable Software and Affected Versions** ECshop version 4.1.8 **Description** A critical issue has been found in ECshop, affecting some unknown functionality of the file /admin/view sendlist.php. This issue leads to sql injection and can be exploited remotely. The exploit has been disclosed to the public. **Recommendations** For ECshop version 4.1.8, as a temporary workaround, consider restricting access to the /admin/view sendlist.php file until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.