Lucene search
China National Vulnerability DatabaseCNVD-2022-21817HistoryMar 15, 2022 - 12:00 a.m.
Microweber file upload vulnerability
2022-03-1500:00:00
China National Vulnerability Database
www.cnvd.org.cn
4
0.001 Low
EPSS
Percentile
21.6%
Microweber is a drag-and-drop online store management system from the Microweber community in the United States. The system includes modules for adding products, images, etc. A file upload vulnerability exists in versions of Microweber prior to 1.2.11. The vulnerability stems from the lack of valid validation of uploaded files by the application. An attacker could exploit this vulnerability to upload malicious files and thus execute arbitrary code remotely.
| CPE | Name | Operator | Version |
|---|---|---|---|
| microweber microweber | lt | 1.2.11 |
Related
nvd
nvd
CVE-2022-0912
2022-03-11 10:15:07
prion
prion
Unrestricted file upload
2022-03-11 10:15:00
cve
cve
CVE-2022-0912
2022-03-11 10:15:07
osv
osv
CVE-2022-0912
2022-03-11 10:15:07
Unrestricted Upload of File with Dangerous Type in microweber
2022-03-12 00:00:35
huntr
huntr
Unrestricted Upload of File with Dangerous Type
2022-03-10 02:01:25
veracode
veracode
Unrestricted Upload Of File With Dangerous Type
2022-03-14 04:52:44
cvelist
cvelist
github
github
Unrestricted Upload of File with Dangerous Type in microweber
2022-03-12 00:00:35