Severity: Critical
CVSS Score: 9.8
ShopXO v2.2.5 and below was discovered to contain a system re-install vulnerability via the Add function in app/install/controller/Index.php.