Vulnerability in Online Store v1.0, The registration form requirements for the member email format can be bypassed by posting directly to sent_register.php allowing special characters to be included and an XSS payload to be injected.Referenceshttp://www.vapidlabs.com/advisory.php?v=210https://www.abcprintf.com/view_download.php?id=17http://www.openwall.com/lists/oss-security/2019/10/02/1
