CVE-2022-0660 Scanner
Detects 'Information Disclosure' vulnerability in microweber/microweber affects v. prior to 1.2.11.
Short Info
Level
High
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 second
Time Interval
1 month
Scan only one
Domain, Ipv4
Toolbox
-
Microweber/Microweber is a free open-source content management system (CMS) that offers an intuitive interface and customizable design for creating websites, blogs, and online stores. It is a popular choice for web developers and businesses of all sizes due to its user-friendly interface and advanced features.
Recently, a serious vulnerability was detected in Microweber/Microweber prior to 1.2.11, identified as CVE-2022-0660. This vulnerability is related to the generation of an error message that contains sensitive information such as the administrator password, which can be accessed by unauthorized users. The error message also exposes technical details such as the system path, PHP version, and other sensitive information.
If exploited, this vulnerability can lead to serious security issues for websites built on Microweber/Microweber. The exposed password can give hackers access to the backend of the website, allowing them to steal sensitive data such as customer information, email accounts, or credit card details. In addition, the system path and PHP version can be exploited to conduct further attacks on the website.
In conclusion, it is crucial to stay aware of vulnerabilities and security threats to protect your digital assets. Thanks to the pro features of s4e.io platform, readers can easily and quickly identify and resolve vulnerabilities before they cause any significant damage. By following the recommended precautions and utilizing reliable security tools, users can ensure the safety and security of their websites and online stores.
REFERENCES