CVE-2020-23138

Published: Nov 9, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

An unrestricted file upload vulnerability was discovered in the Microweber 1.1.18 admin account page. An attacker can upload PHP code or any extension (eg- .exe) to the web server by providing image data and the image/jpeg content type with a .php extension.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://gist.github.com/virendratiwari03/0918aaba97eba31666630996ab3aeec3

x_refsource_MISC

https://gist.github.com/virendratiwari03/800f96271f22c0c2f5aea126c7f1f170

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-23138

Description

Affected Products

References