Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microweber microweber 1.1.18 vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2020-13241
Microweber 1.1.18 allows Unrestricted File Upload because admin/view:modules/load_module:users#edit-user=1 does not verify that the file extension (used with the Add Image option on the Edit User screen) corresponds to an image file.
Microweber Microweber 1.1.18
2.1
CVSSv2
CVE-2020-23136
Microweber v1.1.18 is affected by no session expiry after log-out.
Microweber Microweber 1.1.18
7.5
CVSSv2
CVE-2020-23138
An unrestricted file upload vulnerability exists in the Microweber 1.1.18 admin account page. An attacker can upload PHP code or any extension (eg- .exe) to the web server by providing image data and the image/jpeg content type with a .php extension.
Microweber Microweber 1.1.18
2.1
CVSSv2
CVE-2020-23139
Microweber 1.1.18 is affected by broken authentication and session management. Local session hijacking may occur, which could result in unauthorized access to system data or functionality, or a complete system compromise.
Microweber Microweber 1.1.18
5.8
CVSSv2
CVE-2020-23140
Microweber 1.1.18 is affected by insufficient session expiration. When changing passwords, both sessions for when a user changes email and old sessions in any other browser or device, the session does not expire and remains active.
Microweber Microweber 1.1.18
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started