CVE-2023-2419
CVE-2023-2419 affects Zhong Bang CRMEB 4.6.0, where the vulnerability is in the videoUpload function of SystemAttachmentServices.php. The root cause is manipulation of the filename argument that enables unrestricted file uploads. The issue can be triggered remotely and the exploit has been public...