CVE-2025-28092 Information

Description

ShopXO v6.4.0 is vulnerable to Server-Side Request Forgery (SSRF) via image upload function.

Reference

https://www.yuque.com/morysummer/vx41bz/stggvmlxs9ewqlvu