Arbitrary File Upload Vulnerability in Microweber 1.1.3: Exploiting the Settings Upload Picture Section
CVE-2021-36461 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
An Arbitrary File Upload vulnerability exists in Microweber 1.1.3 that allows attackers to getshell via the Settings Upload Picture section by uploading pictures with malicious code, user.ini.
Learn more about our Web App Pen Testing.