CVE-2025-34076 | Microweber CMS up to 1.2.11 Backup Management API /api/BackupV2/upload src path traversal

Inserito da Angelo Barbosa | Lug 2, 2025 | CVE

A vulnerability classified as critical was found in Microweber CMS up to 1.2.11. Affected by this vulnerability is an unknown functionality of the file /api/BackupV2/upload of the component Backup Management API. The manipulation of the argument src leads to path traversal.

This vulnerability is known as CVE-2025-34076. The attack can be launched remotely. There is no exploit available.

CVE-2025-34076 | Microweber CMS up to 1.2.11 Backup Management API /api/BackupV2/upload src path traversal

Post correlati

CVE-2023-7136 | code-projects Record Management System 1.0 Document Type /main/doctype.php docname cross site scripting

CVE-2024-47544 | GStreamer up to 1.24.9 qtdemux.c qtdemux_parse_sbgp null pointer dereference (GHSL-2024-238)

CVE-2024-7746 | Traccar Server up to 6.1 Administrator Panel Module default credentials

CVE-2024-38514 | ChatGPTNextWeb ChatGPT-Next-Web up to 2.12.3 WebDav API Endpoint endpoint server-side request forgery (GHSA-gph5-rx77-3pjg)