Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microweber vulnerabilities and exploits
(subscribe to this query)
516
VMScore
CVE-2022-2252
Open Redirect in GitHub repository microweber/microweber before 1.2.19.
Microweber Microweber
383
VMScore
CVE-2022-2353
Prior to microweber/microweber v1.2.20, due to improper neutralization of input, an attacker can steal tokens to perform cross-site request forgery, fetch contents from same-site and redirect a user.
Microweber Microweber
668
VMScore
CVE-2022-2368
Authentication Bypass by Spoofing in GitHub repository microweber/microweber before 1.2.20.
Microweber Microweber
NA
CVE-2023-2239
Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository microweber/microweber before 1.3.4.
Microweber Microweber
NA
CVE-2023-2240
Improper Privilege Management in GitHub repository microweber/microweber before 1.3.4.
Microweber Microweber
NA
CVE-2021-32856
Microweber is a drag and drop website builder and content management system. Versions 1.2.12 and prior are vulnerable to copy-paste cross-site scripting (XSS). For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. A ...
Microweber Microweber
NA
CVE-2022-4732
Unrestricted Upload of File with Dangerous Type in GitHub repository microweber/microweber before 1.3.2.
Microweber Microweber
NA
CVE-2022-2495
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber before 1.2.21.
Microweber Microweber
383
VMScore
CVE-2022-1439
Reflected XSS on demo.microweber.org/demo/module/ in GitHub repository microweber/microweber before 1.2.15. Execute Arbitrary JavaScript as the attacked user. It's the only payload I found working, you might need to press "tab" but there is probably a paylaod that ...
Microweber Microweber
NA
CVE-2022-4647
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber before 1.3.2.
Microweber Microweber
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »