Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microweber vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2022-1555
DOM XSS in microweber ver 1.2.15 in GitHub repository microweber/microweber before 1.2.16. inject arbitrary js code, deface website, steal cookie...
Microweber Microweber
8.8
CVSSv3
CVE-2022-1631
Users Account Pre-Takeover or Users Account Takeover. in GitHub repository microweber/microweber before 1.2.15. Victim Account Take Over. Since, there is no email confirmation, an attacker can easily create an account in the application using the Victim’s Email. This allows...
Microweber Microweber
6.1
CVSSv3
CVE-2022-4647
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber before 1.3.2.
Microweber Microweber
4.3
CVSSv3
CVE-2023-6599
Missing Standardized Error Handling Mechanism in GitHub repository microweber/microweber before 2.0.
Microweber Microweber
4.3
CVSSv3
CVE-2023-5976
Improper Access Control in GitHub repository microweber/microweber before 2.0.
Microweber Microweber
8.8
CVSSv3
CVE-2018-17104
An issue exists in Microweber 1.0.7. There is a CSRF attack (against the admin user) that can add an administrative account via api/save_user.
Microweber Microweber 1.0.7
8.8
CVSSv3
CVE-2021-36461
An Arbitrary File Upload vulnerability exists in Microweber 1.1.3 that allows malicious users to getshell via the Settings Upload Picture section by uploading pictures with malicious code, user.ini.
Microweber Microweber 1.1.3
8.8
CVSSv3
CVE-2023-49052
File Upload vulnerability in Microweber v.2.0.4 allows a remote malicious user to execute arbitrary code via a crafted script to the file upload function in the created forms component.
Microweber Microweber 2.0.4
1 Github repository
5.4
CVSSv3
CVE-2023-47379
Microweber CMS version 2.0.1 is vulnerable to stored Cross Site Scripting (XSS) via the profile picture file upload functionality.
Microweber Microweber 2.0.1
6.1
CVSSv3
CVE-2021-33988
Cross Site Scripting (XSS). vulnerability exists in Microweber CMS 1.2.7 via the Login form, which could let a malicious user execute Javascript by Inserting code in the request form.
Microweber Microweber 1.2.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »