PT-2024-34303 · Mahlamusa · Multi Purpose Mail Form

Stealthcopter · Published 2024-11-04 · Updated 2026-01-23 · CVE-2024-50526

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Multi Purpose Mail Form versions n/a through 1.0.2
Description: Multi Purpose Mail Form by mahlamusa has an unrestricted upload of file with dangerous type vulnerability. The issue allows users to upload dangerous files, potentially leading to a web server compromise through an uploaded web shell.
Recommendations: For versions n/a through 1.0.2, consider disabling the file upload feature until a patch is available to prevent potential exploitation. Restrict access to the mail form to minimize the risk of uploading dangerous files. Avoid using the mail form for uploading files until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Unrestricted File Upload

Weakness Enumeration

Related Identifiers: CVE-2024-50526

Affected Products: Multi Purpose Mail Form