upgrade.asp in sHibby sHop 2.2 and previous versions does not require administrative authentication, which allows remote malicious users to update a file or have unspecified other impact via a direct request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
aspindir shibby shop |