Authenticated Arbitrary PHP Code Injection in Super Store Finder 3.7 and below

Authenticated Arbitrary PHP Code Injection in Super Store Finder 3.7 and below

CVE-2023-43835 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Super Store Finder 3.7 and below is vulnerable to authenticated Arbitrary PHP Code Injection that could lead to Remote Code Execution when settings overwrite config.inc.php content.

Learn more about our Web Application Penetration Testing UK.