shopxo/shopxo is vulnerable to improper access control. The vulnerability exists in Add
function in Index.php
because it doesn’t validate visitors and existing databases which allows an attacker to inject and modify the original data in the database.