Microweber is an online store management system that provides drag and drop functionality from the Microweber community in the United States. The system includes modules for adding products, images, and more. A file upload vulnerability exists in Microweber version v.2.0.4, which stems from the application’s lack of validation of uploaded files. The vulnerability can be exploited by a remote attacker to execute arbitrary code via the file upload function in the created forms component using a crafted script.
CPE | Name | Operator | Version |
---|---|---|---|
microweber microweber v. | eq | 2.0.4 |