CS cart just release v.4.16.2 SP1 with similar potential vulnerability
Earlier this week, we sent an email about this issue. We received word of a major security issue in all versions of CS-Cart 4, including 4.16.2. This vulnerability could potentially let an attacker upload a PHP file to the server and execute it. We are not disclosing more details, because to our knowledge, the vulnerability hasn’t been exploited yet.
maybe we are the only one with vulnerability exploited
