Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bitweaver vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-6412
Direct static code injection vulnerability in wiki/index.php in Bitweaver 2.0.0 and previous versions, when comments are enabled, allows remote malicious users to inject arbitrary PHP code via an editcomments action.
Bitweaver Bitweaver
NA
CVE-2007-6374
Multiple cross-site scripting (XSS) vulnerabilities in Bitweaver 2.0.0 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to (1) users/register.php or (2) search/index.php, or an editcomments action in (3) wiki/index.php or...
Bitweaver Bitweaver
2 EDB exploits
NA
CVE-2006-1131
Cross-site scripting (XSS) vulnerability in read.php in bitweaver CMS 1.2.1 allows remote malicious users to inject arbitrary web script or HTML via the comment_title parameter.
Bitweaver Bitweaver 1.2.1
1 EDB exploit
4.8
CVSSv3
CVE-2021-29031
A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote malicious users to inject JavaScript via the /users/admin/users_import.php URI.
Bitweaver Bitweaver 3.1.0
4.8
CVSSv3
CVE-2021-29028
A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote malicious users to inject JavaScript via the /users/admin/user_activity.php URI.
Bitweaver Bitweaver 3.1.0
NA
CVE-2007-0526
Multiple cross-site scripting (XSS) vulnerabilities in Bitweaver 1.3.1 allow remote malicious users to inject arbitrary web script or HTML via the URL (PATH_INFO) to (1) articles/edit.php, (2) articles/list.php, (3) blogs/list_blogs.php, or (4) blogs/rankings.php.
Bitweaver Bitweaver 1.3.1
NA
CVE-2008-4337
Cross-site scripting (XSS) vulnerability in Bitweaver 2.0.2 allows remote malicious users to inject arbitrary web script or HTML via the URL parameter to (1) edit.php and (2) list.php in articles/; (3) list_blogs.php and (4) rankings.php in blogs/; (5) calendar/index.php; (6) cal...
Bitweaver Bitweaver 2.0.2
NA
CVE-2006-1745
Cross-site scripting (XSS) vulnerability in login.php in Bitweaver 1.3 allows remote malicious users to inject arbitrary web script or HTML via the error parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Bitweaver Bitweaver 1.3
1 EDB exploit
4.8
CVSSv3
CVE-2021-29025
A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote malicious users to inject JavaScript via the /users/my_images.php URI.
Bitweaver Bitweaver 3.1.0
4.8
CVSSv3
CVE-2021-29026
A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote malicious users to inject JavaScript via the /users/admin/permissions.php URI.
Bitweaver Bitweaver 3.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »