Unauthenticated Remote Code Execution in Machform Prior to Version 16
CVE-2021-20104 · HIGH Severity
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Machform prior to version 16 is vulnerable to unauthenticated remote code execution due to insufficient sanitization of file attachments uploaded with forms through upload.php.
Learn more about our Web Application Penetration Testing UK.