File Upload vulnerability in Microweber v.2.0.4 allows a remote attacker to execute arbitrary code via a crafted script to the file upload function in the created forms component.
References
Link | Resource |
---|---|
https://github.com/Cyber-Wo0dy/CVE-2023-49052 | Exploit Patch Third Party Advisory |
https://github.com/Cyber-Wo0dy/report/blob/main/microweber/v2.0.4/microweber_unrestricted_upload | Exploit Third Party Advisory |
Configurations
History
05 Dec 2023, 17:41
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:microweber:microweber:2.0.4:*:*:*:*:*:*:* | |
References | () https://github.com/Cyber-Wo0dy/CVE-2023-49052 - Exploit, Patch, Third Party Advisory | |
References | () https://github.com/Cyber-Wo0dy/report/blob/main/microweber/v2.0.4/microweber_unrestricted_upload - Exploit, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
First Time |
Microweber microweber
Microweber |
|
CWE | CWE-434 |
30 Nov 2023, 07:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-11-30 07:15
Updated : 2024-02-28 20:54
NVD link : CVE-2023-49052
Mitre link : CVE-2023-49052
CVE.ORG link : CVE-2023-49052
JSON object : View
Products Affected
microweber
- microweber
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type