CVE-2021-36461 Information

Description

An Arbitrary File Upload vulnerability exists in Microweber 1.1.3 that allows attackers to getshell via the Settings Upload Picture section by uploading pictures with malicious code user.ini.

Reference

https://github.com/microweber/microweber/issues/751