CVE-2023-26823 Information

Description

An arbitrary file upload vulnerability in the /admin/template.php component of shopEx EcShop v4.1.5 allows attackers to execute arbitrary code via a crafted PHP file.

Reference

https://github.com/jingping911/exshopbug/blob/main/README.md