VYPR
High severity8.8OSV Advisory· Published Sep 16, 2018· Updated Jun 17, 2026

CVE-2018-17104

CVE-2018-17104

Description

An issue was discovered in Microweber 1.0.7. There is a CSRF attack (against the admin user) that can add an administrative account via api/save_user.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Microweber/MicroweberOSV2 versions
    1.0.3, 1.0.5-fix1, 1.0.6, …+ 1 more
    • (no CPE)range: 1.0.3, 1.0.5-fix1, 1.0.6, …
    • (no CPE)range: = 1.0.7

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.