CVE-2021-36461

Published July 15th, 2022

View on NVD ↗

CVSS v3

8.8

HIGH

CVSS v2

6.5

MEDIUM

Affected

PROJECT

Description

An Arbitrary File Upload vulnerability exists in Microweber 1.1.3 that allows attackers to getshell via the Settings Upload Picture section by uploading pictures with malicious code, user.ini.

microweber/microweber

Drag and Drop Website Builder and CMS with E-commerce

GitHub

3.42K