Shopxo · Shopxo · CVE-2020-19778
Name of the Vulnerable Software and Affected Versions:
Shopxo versions 1.4.0 through 1.5.0
Description:
The issue allows remote attackers to gain privileges by manipulating the `user id` parameter in the HTTP request to the "/index.php" endpoint.
Recommendations:
For versions 1.4.0 through 1.5.0, as a temporary workaround, consider restricting access to the "/index.php" endpoint until a patch is available. Avoid using the `user id` parameter in the affected endpoint until the issue is resolved.