Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microweber vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2020-23136
Microweber v1.1.18 is affected by no session expiry after log-out.
Microweber Microweber 1.1.18
5.5
CVSSv3
CVE-2020-23139
Microweber 1.1.18 is affected by broken authentication and session management. Local session hijacking may occur, which could result in unauthorized access to system data or functionality, or a complete system compromise.
Microweber Microweber 1.1.18
8.1
CVSSv3
CVE-2020-23140
Microweber 1.1.18 is affected by insufficient session expiration. When changing passwords, both sessions for when a user changes email and old sessions in any other browser or device, the session does not expire and remains active.
Microweber Microweber 1.1.18
6.1
CVSSv3
CVE-2018-19917
Microweber 1.0.8 has reflected cross-site scripting (XSS) vulnerabilities.
Microweber Microweber 1.0.8
6.1
CVSSv3
CVE-2021-33988
Cross Site Scripting (XSS). vulnerability exists in Microweber CMS 1.2.7 via the Login form, which could let a malicious user execute Javascript by Inserting code in the request form.
Microweber Microweber 1.2.7
5.4
CVSSv3
CVE-2023-47379
Microweber CMS version 2.0.1 is vulnerable to stored Cross Site Scripting (XSS) via the profile picture file upload functionality.
Microweber Microweber 2.0.1
8.8
CVSSv3
CVE-2023-49052
File Upload vulnerability in Microweber v.2.0.4 allows a remote malicious user to execute arbitrary code via a crafted script to the file upload function in the created forms component.
Microweber Microweber 2.0.4
1 Github repository
9.8
CVSSv3
CVE-2020-23138
An unrestricted file upload vulnerability exists in the Microweber 1.1.18 admin account page. An attacker can upload PHP code or any extension (eg- .exe) to the web server by providing image data and the image/jpeg content type with a .php extension.
Microweber Microweber 1.1.18
6.1
CVSSv3
CVE-2022-0855
Improper Resolution of Path Equivalence in GitHub repository microweber-dev/whmcs_plugin before 0.0.4.
Microweber Whmcs
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10