An Arbitrary File Upload vulnerability exists in Microweber 1.1.3 that allows attackers to getshell via the Settings Upload Picture section by uploading pictures with malicious code, user.ini.
References
Link | Resource |
---|---|
https://github.com/microweber/microweber/issues/751 | Exploit Issue Tracking Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-07-15T11:34:48
Updated: 2022-07-15T11:34:48
Reserved: 2021-07-12T00:00:00
Link: CVE-2021-36461
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-07-15T12:15:08.677
Modified: 2022-07-19T10:49:50.890
Link: CVE-2021-36461
JSON object: View
Redhat Information
No data.
CWE