Name of the Vulnerable Software and Affected Versions cart2quote/module-quotation-encoded extension (affected versions not specified)

Description The issue is related to the utilization of the unserialize function when processing data from a GET request, posing a significant risk of Remote Code Execution. This flaw is present in specific files, including app/code/community/Ophirah/Qquoteadv/controllers/DownloadController.php and app/code/community/Ophirah/Qquoteadv/Helper/Data.php. Attackers could execute arbitrary code remotely, leading to unauthorized access and potential compromise of sensitive data, especially when custom file options are employed on a product.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.