CVE-2020-23138
N/A
N/A
Summary
An unrestricted file upload vulnerability was discovered in the Microweber 1.1.18 admin account page. An attacker can upload PHP code or any extension (eg- .exe) to the web server by providing image data and the image/jpeg content type with a .php extension.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://gist.github.com/virendratiwari03/0918aaba97eba31666630996ab3aeec3
- https://gist.github.com/virendratiwari03/800f96271f22c0c2f5aea126c7f1f170
References
- https://gist.github.com/virendratiwari03/0918aaba97eba31666630996ab3aeec3
- https://gist.github.com/virendratiwari03/800f96271f22c0c2f5aea126c7f1f170
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.