Insufficient verification vulnerability exists in Broadcast Mail CGI (pmc.exe) included in A.K.I Softwareβs PMailServer/PMailServer2 products. If this vulnerability is exploited, a user who can upload files through the product may execute an arbitrary executable file with the web serverβs execution privilege.
[
{
"vendor": "A.K.I Software ",
"product": "pmc.exe",
"versions": [
{
"version": "2.5.1.720 and earlier",
"status": "affected"
}
]
}
]