CVE-2025-34076 | Microweber CMS up to 1.2.11 Backup Management API /api/BackupV2/upload src path traversal

Inserito da Angelo Barbosa | Lug 2, 2025 | CVE

A vulnerability classified as critical was found in Microweber CMS up to 1.2.11. Affected by this vulnerability is an unknown functionality of the file /api/BackupV2/upload of the component Backup Management API. The manipulation of the argument src leads to path traversal.

This vulnerability is known as CVE-2025-34076. The attack can be launched remotely. There is no exploit available.

CVE-2025-34076 | Microweber CMS up to 1.2.11 Backup Management API /api/BackupV2/upload src path traversal

Post correlati

CVE-2024-49596 | Dell Wyse Management Suite up to 4.4 authorization (dsa-2024-440)

CVE-2024-40960 | Linux Kernel up to 6.9.6 rt6_probe null pointer dereference

CVE-2024-43834 | Linux Kernel up to 6.1.102/6.6.43/6.10.2 xdp page_pool_destroy reference count

CVE-2024-13348 | Smart Agenda Plugin up to 4.7 on WordPress cross-site request forgery