4 matches found
CVE-2013-5984
Directory traversal vulnerability in userfiles/modules/admin/backup/delete.php in Microweber before 0.830 allows remote attackers to delete arbitrary files via a .. dot dot in the file parameter...
CVE-2013-5984
Microweber is vulnerable to CVE-2013-5984 due to improper access control in /userfiles/modules/admin/backup/delete.php. An unauthenticated remote attacker can delete arbitrary files by manipulating the file parameter (directory traversal). The advisory notes that this can lead to system compromis...
Remote Code Execution in Microweber
Advisory ID: HTB23175 Product: Microweber Vendor: Microweber Vulnerable Versions: 0.8 and probably prior Tested Version: 0.8 Advisory Publication: September 25, 2013 without technical details Vendor Notification: September 25, 2013 Vendor Patch: September 26, 2013 Public Disclosure: October 16,...
Microweber 0.8 Arbitrary File Deletion
Advisory ID: HTB23175 Product: Microweber Vendor: Microweber Vulnerable Versions: 0.8 and probably prior Tested Version: 0.8 Advisory Publication: September 25, 2013 without technical details Vendor Notification: September 25, 2013 Vendor Patch: September 26, 2013 Public Disclosure: October 16,...