23Şub
CVE-2025-1611 | ShopXO up to 6.4.0 Template ThemeAdminService.php injection
A vulnerability was found in ShopXO up to 6.4.0. It has been classified as problematic. This affects an unknown part of the file app/service/ThemeAdminService.php of the component Template Handler. The manipulation leads to injection. This vulnerability is uniquely identified as CVE-2025-1611. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.