CVE-2024-41454 Information

Description

An arbitrary file upload vulnerability in the UI login page logo upload function of Process Maker pm4core-docker 4.1.21-RC7 allows attackers to execute arbitrary code via uploading a crafted PHP or HTML file.

Reference

https://github.com/php-lover-boy/processmaker