Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microweber vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-0895
Static Code Injection in GitHub repository microweber/microweber before 1.3.
Microweber Microweber
6.1
CVSSv3
CVE-2022-0929
XSS on dynamic_text module in GitHub repository microweber/microweber before 1.2.11.
Microweber Microweber
5.4
CVSSv3
CVE-2022-0954
Multiple Stored Cross-site Scripting (XSS) Vulnerabilities in Shop's Other Settings, Shop's Autorespond E-mail Settings and Shops' Payments Methods in GitHub repository microweber/microweber before 1.2.11.
Microweber Microweber
5.5
CVSSv3
CVE-2022-0961
The microweber application allows large characters to insert in the input field "post title" which can allow malicious users to cause a Denial of Service (DoS) via a crafted HTTP request. in GitHub repository microweber/microweber before 1.2.12.
Microweber Microweber
5.4
CVSSv3
CVE-2022-0963
Unrestricted XML Files Leads to Stored XSS in GitHub repository microweber/microweber before 1.2.12.
Microweber Microweber
5.5
CVSSv3
CVE-2022-0968
The microweber application allows large characters to insert in the input field "fist & last name" which can allow malicious users to cause a Denial of Service (DoS) via a crafted HTTP request. in microweber/microweber in GitHub repository microweber/microweber befo...
Microweber Microweber
6.1
CVSSv3
CVE-2022-1439
Reflected XSS on demo.microweber.org/demo/module/ in GitHub repository microweber/microweber before 1.2.15. Execute Arbitrary JavaScript as the attacked user. It's the only payload I found working, you might need to press "tab" but there is probably a paylaod that ...
Microweber Microweber
7.2
CVSSv3
CVE-2020-28337
A directory traversal issue in the Utils/Unzip module in Microweber up to and including 1.1.20 allows an authenticated malicious user to gain remote code execution via the backup restore feature. To exploit the vulnerability, an attacker must have the credentials of an administra...
Microweber Microweber
9.8
CVSSv3
CVE-2023-1877
Command Injection in GitHub repository microweber/microweber before 1.3.3.
Microweber Microweber
5.4
CVSSv3
CVE-2023-1881
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber before 1.3.3.
Microweber Microweber
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »