Microweber is an online store management system from the Microweber community in the United States that provides drag-and-drop functionality. The system includes modules for adding products, images, etc. A command injection vulnerability exists in Microweber, which stems from the failure of the network system or product to properly filter special characters, commands, etc. during the execution of commands entered by users in the construct. An attacker could use this vulnerability to take full control of a vulnerable system, disclose sensitive data, or perform privilege escalation.
CPE | Name | Operator | Version |
---|---|---|---|
microweber microweber | lt | 1.2.11 |