2 matches found
CVE-2024-41454
An arbitrary file upload vulnerability in the UI login page logo upload function of Process Maker pm4core-docker 4.1.21-RC7 allows attackers to execute arbitrary code via uploading a crafted PHP or HTML file...
CVE-2024-41454
CVE-2024-41454 : The reports indicate an arbitrary file upload vulnerability in the Process Maker pm4core-docker 4.1.21-RC7 UI login page logo upload function. A crafted PHP or HTML file can be uploaded, enabling arbitrary code execution. The exact root cause described is an insecure file upload ...