virendratiwari03/Microweber: Unrestricted File Upload Secret

## Microweber: Unrestricted File Upload
Product: Microweber

Product Version: 1.1.18

Vulnerability: Unrestricted File upload

Description:
An Unrestricted File Upload Vulnerability in the Microweber version 1.1.18 allows remote attackers to upload any extensions like php, exe in the profile upload section.


Attack Type: Local

Impact:
An attacker with the ability to upload a malicious file to the application can set up drive-by-download attacks, deface the website, or gain access to the file system through a web shell.

Reference:
https://owasp.org/www-community/vulnerabilities/Unrestricted_File_Upload
https://null-byte.wonderhowto.com/how-to/upload-shell-web-server-and-get-root-rfi-part-1-0162818/
	Product: Microweber

	Product Version: 1.1.18

	Vulnerability: Unrestricted File upload

	Description:
	An Unrestricted File Upload Vulnerability in the Microweber version 1.1.18 allows remote attackers to upload any extensions like php, exe in the profile upload section.


	Attack Type: Local

	Impact:
	An attacker with the ability to upload a malicious file to the application can set up drive-by-download attacks, deface the website, or gain access to the file system through a web shell.

	Reference:
	https://owasp.org/www-community/vulnerabilities/Unrestricted_File_Upload
	https://null-byte.wonderhowto.com/how-to/upload-shell-web-server-and-get-root-rfi-part-1-0162818/