CVE-2023-39424
A vulnerability in RDPngFileUpload.dll, as used in the IRM Next Generation booking system, allows a remote attacker to upload arbitrary content such as a web shell component to the SQL database and execute it with SYSTEM privileges. This vulnerability requires authentication to be exploited but c...