CVE-2025-34076
Severity CVSS v4.0:
MEDIUM
Type:
CWE-22
Path Traversal
Publication date:
02/07/2025
Last modified:
03/07/2025
Description
An authenticated local file inclusion vulnerability exists in Microweber CMS versions
Impact
Base Score 4.0
6.10
Severity 4.0
MEDIUM
References to Advisories, Solutions, and Tools
- https://github.com/microweber/microweber
- https://github.com/microweber/microweber/commit/572bdc36b5b47923790016f6b961c8df53226855
- https://github.com/microweber/microweber/commit/98d025467128ecc24195dcb56c533febc3c91af6
- https://huntr.com/bounties/09218d3f-1f6a-48ae-981c-85e86ad5ed8b
- https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/gather/microweber_lfi.rb
- https://vulncheck.com/advisories/microweber-cms-lfi
- https://huntr.com/bounties/09218d3f-1f6a-48ae-981c-85e86ad5ed8b