Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microweber microweber vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-0608
Cross-site Scripting (XSS) - DOM in GitHub repository microweber/microweber before 1.3.2.
Microweber Microweber
7.2
CVSSv3
CVE-2020-28337
A directory traversal issue in the Utils/Unzip module in Microweber up to and including 1.1.20 allows an authenticated malicious user to gain remote code execution via the backup restore feature. To exploit the vulnerability, an attacker must have the credentials of an administra...
Microweber Microweber
7.5
CVSSv3
CVE-2022-0282
Cross-site Scripting in Packagist microweber/microweber before 1.2.11.
Microweber Microweber
5.4
CVSSv3
CVE-2022-0378
Cross-site Scripting (XSS) - Reflected in Packagist microweber/microweber before 1.2.11.
Microweber Microweber
17 Github repositories
6.1
CVSSv3
CVE-2022-2130
Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber before 1.2.17.
Microweber Microweber
5.4
CVSSv3
CVE-2023-47379
Microweber CMS version 2.0.1 is vulnerable to stored Cross Site Scripting (XSS) via the profile picture file upload functionality.
Microweber Microweber 2.0.1
8.8
CVSSv3
CVE-2021-36461
An Arbitrary File Upload vulnerability exists in Microweber 1.1.3 that allows malicious users to getshell via the Settings Upload Picture section by uploading pictures with malicious code, user.ini.
Microweber Microweber 1.1.3
8.8
CVSSv3
CVE-2023-49052
File Upload vulnerability in Microweber v.2.0.4 allows a remote malicious user to execute arbitrary code via a crafted script to the file upload function in the created forms component.
Microweber Microweber 2.0.4
1 Github repository
6.1
CVSSv3
CVE-2021-33988
Cross Site Scripting (XSS). vulnerability exists in Microweber CMS 1.2.7 via the Login form, which could let a malicious user execute Javascript by Inserting code in the request form.
Microweber Microweber 1.2.7
9.8
CVSSv3
CVE-2020-23138
An unrestricted file upload vulnerability exists in the Microweber 1.1.18 admin account page. An attacker can upload PHP code or any extension (eg- .exe) to the web server by providing image data and the image/jpeg content type with a .php extension.
Microweber Microweber 1.1.18
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »