ShopXO v6.4.0 is vulnerable to Server-Side Request Forgery (SSRF) via image upload function.
CVSS Metrics
