PT-2023-30249 · Crafter · Crater
Name of the Vulnerable Software and Affected Versions: crater versions 6.0.0 through 6.0.6 Description: The issue allows a superadmin to execute arbitrary PHP code by placing this code into an image/png IDAT chunk of a Company Logo image, specifically through the "/api/v1/company/upload-logo"...