Merchandise Online Store v1.0 by oretnom23 has an arbitrary code execution (RCE) vulnerability in the user profile upload point in the system information.Referenceshttps://github.com/ffYYy6x0y1/bug_report/blob/main/vendors/oretnom23/merchandise-online-store/RCE-1.md
