Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-27507 | 1 Microengine | 1 Mailform | 2024-11-21 | N/A | 9.8 CRITICAL |
MicroEngine Mailform version 1.1.0 to 1.1.8 contains a path traversal vulnerability. If the product's file upload function and server save option are enabled, a remote attacker may save an arbitrary file on the server and execute it. | |||||
CVE-2023-27397 | 1 Microengine | 1 Mailform | 2024-11-21 | N/A | 9.8 CRITICAL |
Unrestricted upload of file with dangerous type exists in MicroEngine Mailform version 1.1.0 to 1.1.8. If the product's file upload function and server save option are enabled, a remote attacker may save an arbitrary file on the server and execute it. |