Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microweber vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-5318
Use of Hard-coded Credentials in GitHub repository microweber/microweber before 2.0.
Microweber Microweber
4.3
CVSSv2
CVE-2022-1439
Reflected XSS on demo.microweber.org/demo/module/ in GitHub repository microweber/microweber before 1.2.15. Execute Arbitrary JavaScript as the attacked user. It's the only payload I found working, you might need to press "tab" but there is probably a paylaod that ...
Microweber Microweber
6.8
CVSSv2
CVE-2022-1631
Users Account Pre-Takeover or Users Account Takeover. in GitHub repository microweber/microweber before 1.2.15. Victim Account Take Over. Since, there is no email confirmation, an attacker can easily create an account in the application using the Victim’s Email. This allows...
Microweber Microweber
7.5
CVSSv2
CVE-2014-9464
SQL injection vulnerability in Category.php in Microweber CMS 0.95 prior to 20141209 allows remote malicious users to execute arbitrary SQL commands via the category parameter when displaying a category, related to the $parent_id variable.
Microweber Microweber
1 EDB exploit
NA
CVE-2023-0608
Cross-site Scripting (XSS) - DOM in GitHub repository microweber/microweber before 1.3.2.
Microweber Microweber
5
CVSSv2
CVE-2020-13405
userfiles/modules/users/controller/controller.php in Microweber prior to 1.1.20 allows an unauthenticated user to disclose the users database via a /modules/ POST request.
Microweber Microweber
1 Github repository
4.3
CVSSv2
CVE-2022-2174
Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber before 1.2.18.
Microweber Microweber
NA
CVE-2022-2777
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber before 1.3.1.
Microweber Microweber
4.3
CVSSv2
CVE-2022-1504
XSS in /demo/module/?module=HERE in GitHub repository microweber/microweber before 1.2.15. Typical impact of XSS attacks.
Microweber Microweber
4.3
CVSSv2
CVE-2022-1555
DOM XSS in microweber ver 1.2.15 in GitHub repository microweber/microweber before 1.2.16. inject arbitrary js code, deface website, steal cookie...
Microweber Microweber
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »