2023-05-23 00:00:00
jpcert
PUBLISHED
Unrestricted upload of file with dangerous type exists in MicroEngine Mailform version 1.1.0 to 1.1.8. If the products file upload function and server save option are enabled, a remote attacker may save an arbitrary file on the server and execute it.