Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microweber microweber vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-2777
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber before 1.3.1.
Microweber Microweber
4.3
CVSSv2
CVE-2022-1439
Reflected XSS on demo.microweber.org/demo/module/ in GitHub repository microweber/microweber before 1.2.15. Execute Arbitrary JavaScript as the attacked user. It's the only payload I found working, you might need to press "tab" but there is probably a paylaod that ...
Microweber Microweber
4.3
CVSSv2
CVE-2022-1504
XSS in /demo/module/?module=HERE in GitHub repository microweber/microweber before 1.2.15. Typical impact of XSS attacks.
Microweber Microweber
4.3
CVSSv2
CVE-2022-1555
DOM XSS in microweber ver 1.2.15 in GitHub repository microweber/microweber before 1.2.16. inject arbitrary js code, deface website, steal cookie...
Microweber Microweber
4.3
CVSSv2
CVE-2022-1584
Reflected XSS in GitHub repository microweber/microweber before 1.2.16. Executing JavaScript as the victim
Microweber Microweber
7.5
CVSSv2
CVE-2014-9464
SQL injection vulnerability in Category.php in Microweber CMS 0.95 prior to 20141209 allows remote malicious users to execute arbitrary SQL commands via the category parameter when displaying a category, related to the $parent_id variable.
Microweber Microweber
1 EDB exploit
NA
CVE-2023-5861
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber before 2.0.
Microweber Microweber
NA
CVE-2022-4732
Unrestricted Upload of File with Dangerous Type in GitHub repository microweber/microweber before 1.3.2.
Microweber Microweber
5
CVSSv2
CVE-2022-0281
Exposure of Sensitive Information to an Unauthorized Actor in Packagist microweber/microweber before 1.2.11.
Microweber Microweber
NA
CVE-2023-5244
Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber before 2.0.
Microweber Microweber
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »