CVE-2024-40125
The CVE-2024-40125 entry concerns Closed Loop Technology CLESS Server v4.5.2, where the Media Manager’s file upload endpoint is vulnerable to arbitrary PHP file uploads. The underlying issue enables remote code execution because a crafted PHP file can be uploaded and subsequently executed on the ...