Shigophiloop

**Name of the Vulnerable Software and Affected Versions** atoms183 CMS version 1.0 **Description** The issue allows attackers to execute arbitrary commands via the `Name`, `Fname`, and `ID` parameters to the "search.php" endpoint. This enables attackers to potentially manipulate data or execute unauthorized actions. **Recommendations** For atoms183 CMS version 1.0, consider disabling the `product admin.php` file or restricting access to the "search.php" endpoint until a patch is available. Avoid using the `Name`, `Fname`, and `ID` parameters in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.