A vulnerability classified as critical was found in Chic Beauty Salon 20230703. Affected by this vulnerability is an unknown functionality of the file product-list.php of the component Product Handler. The manipulation leads to unrestricted upload.
This vulnerability is known as CVE-2023-7150. The attack can be launched remotely. Furthermore, there is an exploit available.