2 matches found
CVE-2023-27397
Unrestricted upload of file with dangerous type exists in MicroEngine Mailform version 1.1.0 to 1.1.8. If the product's file upload function and server save option are enabled, a remote attacker may save an arbitrary file on the server and execute it...
CVE-2023-27397
Vulnerability summary (CVE-2023-27397) : MicroEngine Mailform (versions 1.1.0–1.1.8) suffers an unrestricted upload of a dangerous file type when the product’s file upload and server save options are enabled. This allows a remote attacker to save an arbitrary file on the server and execute it, le...