Lucene search
K

5 matches found

Packet Storm
Packet Storm
added 2021/05/10 12:0 a.m.187 views

Microweber CMS 1.1.20 Remote Code Execution

Exploit Title: Microweber CMS 1.1.20 - Remote Code Execution Authenticated Date: 2020-10-31 Exploit Author: sl1nki Vendor Homepage: https://microweber.org/ Software Link: https://github.com/microweber/microweber/tree/1.1.20 Version: " . shellexec$REQUEST"fexec" . ""; ?' Notes: SSL verification is...

6.5CVSS0.1AI score0.16611EPSS
Exploits4
0day.today
0day.today
added 2021/05/10 12:0 a.m.100 views

Microweber CMS 1.1.20 - Remote Code Execution (Authenticated) Exploit

Exploit Title: Microweber CMS 1.1.20 - Remote Code Execution Authenticated Exploit Author: sl1nki Vendor Homepage: https://microweber.org/ Software Link: https://github.com/microweber/microweber/tree/1.1.20 Version: " . shellexec$REQUEST"fexec" . ""; ?' Notes: SSL verification is disabled by...

7.2CVSS0.1AI score0.16611EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/05/10 12:0 a.m.182 views

Microweber CMS 1.1.20 - Remote Code Execution (Authenticated)

Exploit Title: Microweber CMS 1.1.20 - Remote Code Execution Authenticated Date: 2020-10-31 Exploit Author: sl1nki Vendor Homepage: https://microweber.org/ Software Link: https://github.com/microweber/microweber/tree/1.1.20 Version: " . shellexec$REQUEST"fexec" . ""; ?' Notes: SSL verification is...

7.2CVSS7AI score0.16611EPSS
Exploits4
OSV
OSV
added 2021/02/15 8:15 p.m.21 views

CVE-2020-28337

A directory traversal issue in the Utils/Unzip module in Microweber through 1.1.20 allows an authenticated attacker to gain remote code execution via the backup restore feature. To exploit the vulnerability, an attacker must have the credentials of an administrative user, upload a maliciously...

7.2CVSS7.8AI score0.16611EPSS
Exploits4References4
CVE
CVE
added 2021/02/15 7:51 p.m.122 views

CVE-2020-28337

CVE-2020-28337 affects Microweber up to version 1.1.20, due to a directory traversal flaw in the Utils/Unzip module. An authenticated administrative user can upload a malicious ZIP containing relative paths (for example ../../), place it in the backup directory, and trigger a restore to achieve r...

7.2CVSS7.3AI score0.16611EPSS
Exploits4References4Affected Software1
Rows per page
Query Builder