Unauthenticated Remote Code Execution in Machform Prior to Version 16

Unauthenticated Remote Code Execution in Machform Prior to Version 16

CVE-2021-20104 · HIGH Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Machform prior to version 16 is vulnerable to unauthenticated remote code execution due to insufficient sanitization of file attachments uploaded with forms through upload.php.

Learn more about our Web Application Penetration Testing UK.