2023-05-23 00:00:00
jpcert
PUBLISHED
MicroEngine Mailform version 1.1.0 to 1.1.8 contains a path traversal vulnerability. If the products file upload function and server save option are enabled, a remote attacker may save an arbitrary file on the server and execute it.