Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microweber microweber vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-2777
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber before 1.3.1.
Microweber Microweber
6.5
CVSSv2
CVE-2022-0921
Abusing Backup/Restore feature to achieve Remote Code Execution in GitHub repository microweber/microweber before 1.2.12.
Microweber Microweber
3.5
CVSSv2
CVE-2022-0926
File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber before 1.2.12.
Microweber Microweber
4.3
CVSSv2
CVE-2022-0929
XSS on dynamic_text module in GitHub repository microweber/microweber before 1.2.11.
Microweber Microweber
4.3
CVSSv2
CVE-2022-1439
Reflected XSS on demo.microweber.org/demo/module/ in GitHub repository microweber/microweber before 1.2.15. Execute Arbitrary JavaScript as the attacked user. It's the only payload I found working, you might need to press "tab" but there is probably a paylaod that ...
Microweber Microweber
4.3
CVSSv2
CVE-2022-1504
XSS in /demo/module/?module=HERE in GitHub repository microweber/microweber before 1.2.15. Typical impact of XSS attacks.
Microweber Microweber
3.5
CVSSv2
CVE-2022-0906
Unrestricted file upload leads to stored XSS in GitHub repository microweber/microweber before 1.1.12.
Microweber Microweber
3.5
CVSSv2
CVE-2022-0954
Multiple Stored Cross-site Scripting (XSS) Vulnerabilities in Shop's Other Settings, Shop's Autorespond E-mail Settings and Shops' Payments Methods in GitHub repository microweber/microweber before 1.2.11.
Microweber Microweber
4.3
CVSSv2
CVE-2022-0961
The microweber application allows large characters to insert in the input field "post title" which can allow malicious users to cause a Denial of Service (DoS) via a crafted HTTP request. in GitHub repository microweber/microweber before 1.2.12.
Microweber Microweber
5
CVSSv2
CVE-2022-1036
Able to create an account with long password leads to memory corruption / Integer Overflow in GitHub repository microweber/microweber before 1.2.12.
Microweber Microweber
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »