Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microweber microweber vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2022-2353
Prior to microweber/microweber v1.2.20, due to improper neutralization of input, an attacker can steal tokens to perform cross-site request forgery, fetch contents from same-site and redirect a user.
Microweber Microweber
605
VMScore
CVE-2022-1631
Users Account Pre-Takeover or Users Account Takeover. in GitHub repository microweber/microweber before 1.2.15. Victim Account Take Over. Since, there is no email confirmation, an attacker can easily create an account in the application using the Victim’s Email. This allows...
Microweber Microweber
383
VMScore
CVE-2022-2130
Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber before 1.2.17.
Microweber Microweber
NA
CVE-2023-0608
Cross-site Scripting (XSS) - DOM in GitHub repository microweber/microweber before 1.3.2.
Microweber Microweber
388
VMScore
CVE-2022-0378
Cross-site Scripting (XSS) - Reflected in Packagist microweber/microweber before 1.2.11.
Microweber Microweber
17 Github repositories
578
VMScore
CVE-2020-28337
A directory traversal issue in the Utils/Unzip module in Microweber up to and including 1.1.20 allows an authenticated malicious user to gain remote code execution via the backup restore feature. To exploit the vulnerability, an attacker must have the credentials of an administra...
Microweber Microweber
445
VMScore
CVE-2022-0660
Generation of Error Message Containing Sensitive Information in Packagist microweber/microweber before 1.2.11.
Microweber Microweber
446
VMScore
CVE-2022-0666
CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber before 1.2.11.
Microweber Microweber
445
VMScore
CVE-2022-0689
Use multiple time the one-time coupon in Packagist microweber/microweber before 1.2.11.
Microweber Microweber
312
VMScore
CVE-2022-0719
Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber before 1.3.
Microweber Microweber
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »