Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microweber microweber vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2022-0912
Unrestricted Upload of File with Dangerous Type in GitHub repository microweber/microweber before 1.2.11.
Microweber Microweber
312
VMScore
CVE-2022-0930
File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber before 1.2.12.
Microweber Microweber
312
VMScore
CVE-2022-0954
Multiple Stored Cross-site Scripting (XSS) Vulnerabilities in Shop's Other Settings, Shop's Autorespond E-mail Settings and Shops' Payments Methods in GitHub repository microweber/microweber before 1.2.11.
Microweber Microweber
312
VMScore
CVE-2022-0963
Unrestricted XML Files Leads to Stored XSS in GitHub repository microweber/microweber before 1.2.12.
Microweber Microweber
356
VMScore
CVE-2022-0968
The microweber application allows large characters to insert in the input field "fist & last name" which can allow malicious users to cause a Denial of Service (DoS) via a crafted HTTP request. in microweber/microweber in GitHub repository microweber/microweber befo...
Microweber Microweber
NA
CVE-2023-5861
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber before 2.0.
Microweber Microweber
570
VMScore
CVE-2013-5984
Directory traversal vulnerability in userfiles/modules/admin/backup/delete.php in Microweber prior to 0.830 allows remote malicious users to delete arbitrary files via a .. (dot dot) in the file parameter.
Microweber Microweber
383
VMScore
CVE-2022-2130
Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber before 1.2.17.
Microweber Microweber
516
VMScore
CVE-2022-2252
Open Redirect in GitHub repository microweber/microweber before 1.2.19.
Microweber Microweber
605
VMScore
CVE-2022-1631
Users Account Pre-Takeover or Users Account Takeover. in GitHub repository microweber/microweber before 1.2.15. Victim Account Take Over. Since, there is no email confirmation, an attacker can easily create an account in the application using the Victim’s Email. This allows...
Microweber Microweber
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »