A vulnerability classified as critical was found in Likeshop up to 2.5.7.20210311. This vulnerability affects the function
FileServer::userFormImage
of the file server/application/api/controller/File.php of the component HTTP POST Request Handler. The manipulation of the argument file leads to unrestricted upload.
This vulnerability was named CVE-2024-0352. The attack can be initiated remotely. Furthermore, there is an exploit available.