CVE-2016-4862

Twigmo bundled with CS-Cart 4.3.9 and earlier and Twigmo bundled with CS-Cart Multi-Vendor 4.3.9 and earlier allow remote authenticated users to execute arbitrary PHP code on the servers.

Date published : 2017-04-20

http://www.securityfocus.com/bid/92992

http://tips.cs-cart.jp/fix-twigmo-vulnerability-20160914.html