Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microweber microweber vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2023-2014
Cross-site Scripting (XSS) - Generic in GitHub repository microweber/microweber before 1.3.3.
Microweber Microweber
6.1
CVSSv3
CVE-2022-2470
Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber before 1.2.21.
Microweber Microweber
7.5
CVSSv3
CVE-2023-5318
Use of Hard-coded Credentials in GitHub repository microweber/microweber before 2.0.
Microweber Microweber
6.1
CVSSv3
CVE-2022-3242
Code Injection in GitHub repository microweber/microweber before 1.3.2.
Microweber Microweber
NA
CVE-2013-5984
Directory traversal vulnerability in userfiles/modules/admin/backup/delete.php in Microweber prior to 0.830 allows remote malicious users to delete arbitrary files via a .. (dot dot) in the file parameter.
Microweber Microweber
6.1
CVSSv3
CVE-2022-1504
XSS in /demo/module/?module=HERE in GitHub repository microweber/microweber before 1.2.15. Typical impact of XSS attacks.
Microweber Microweber
6.1
CVSSv3
CVE-2022-1555
DOM XSS in microweber ver 1.2.15 in GitHub repository microweber/microweber before 1.2.16. inject arbitrary js code, deface website, steal cookie...
Microweber Microweber
6.1
CVSSv3
CVE-2022-1584
Reflected XSS in GitHub repository microweber/microweber before 1.2.16. Executing JavaScript as the victim
Microweber Microweber
8.8
CVSSv3
CVE-2022-1631
Users Account Pre-Takeover or Users Account Takeover. in GitHub repository microweber/microweber before 1.2.15. Victim Account Take Over. Since, there is no email confirmation, an attacker can easily create an account in the application using the Victim’s Email. This allows...
Microweber Microweber
5.4
CVSSv3
CVE-2022-0379
Cross-site Scripting (XSS) - Stored in Packagist microweber/microweber before 1.2.11.
Microweber Microweber
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »