EIP-2026-113063

This PHP script exploits a command injection vulnerability in ViArt Shop Enterprise 4.1 by sending a crafted POST request to 'sips_response.php' with a malicious 'DATA' parameter, leveraging unsanitized input passed to the 'exec' function. The exploit requires 'register_globals=On' and demonstrates remote code execution (RCE).