Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microweber vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-0608
Cross-site Scripting (XSS) - DOM in GitHub repository microweber/microweber before 1.3.2.
Microweber Microweber
6.1
CVSSv3
CVE-2022-2174
Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber before 1.2.18.
Microweber Microweber
6.1
CVSSv3
CVE-2022-2353
Prior to microweber/microweber v1.2.20, due to improper neutralization of input, an attacker can steal tokens to perform cross-site request forgery, fetch contents from same-site and redirect a user.
Microweber Microweber
9.8
CVSSv3
CVE-2022-2368
Authentication Bypass by Spoofing in GitHub repository microweber/microweber before 1.2.20.
Microweber Microweber
6.1
CVSSv3
CVE-2022-1439
Reflected XSS on demo.microweber.org/demo/module/ in GitHub repository microweber/microweber before 1.2.15. Execute Arbitrary JavaScript as the attacked user. It's the only payload I found working, you might need to press "tab" but there is probably a paylaod that ...
Microweber Microweber
6.1
CVSSv3
CVE-2022-1504
XSS in /demo/module/?module=HERE in GitHub repository microweber/microweber before 1.2.15. Typical impact of XSS attacks.
Microweber Microweber
6.1
CVSSv3
CVE-2022-1555
DOM XSS in microweber ver 1.2.15 in GitHub repository microweber/microweber before 1.2.16. inject arbitrary js code, deface website, steal cookie...
Microweber Microweber
6.1
CVSSv3
CVE-2022-1584
Reflected XSS in GitHub repository microweber/microweber before 1.2.16. Executing JavaScript as the victim
Microweber Microweber
8.8
CVSSv3
CVE-2022-1631
Users Account Pre-Takeover or Users Account Takeover. in GitHub repository microweber/microweber before 1.2.15. Victim Account Take Over. Since, there is no email confirmation, an attacker can easily create an account in the application using the Victim’s Email. This allows...
Microweber Microweber
6.1
CVSSv3
CVE-2022-2130
Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber before 1.2.17.
Microweber Microweber
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »