VYPR
High severityNVD Advisory· Published Jul 16, 2020· Updated Aug 4, 2024

CVE-2020-13405

CVE-2020-13405

Description

userfiles/modules/users/controller/controller.php in Microweber before 1.1.20 allows an unauthenticated user to disclose the users database via a /modules/ POST request.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
microweber/microweberPackagist
< 1.1.201.1.20

Affected products

2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.