Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microweber microweber vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2022-2130
Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber before 1.2.17.
Microweber Microweber
7.5
CVSSv3
CVE-2023-48122
An issue in microweber v.2.0.1 and fixed in v.2.0.4 allows a remote malicious user to obtain sensitive information via the HTTP GET method.
Microweber Microweber
6.1
CVSSv3
CVE-2018-1000826
Microweber version <= 1.0.7 contains a Cross Site Scripting (XSS) vulnerability in Admin login form template that can result in Execution of JavaScript code.
Microweber Microweber
6.1
CVSSv3
CVE-2021-32856
Microweber is a drag and drop website builder and content management system. Versions 1.2.12 and prior are vulnerable to copy-paste cross-site scripting (XSS). For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. A ...
Microweber Microweber
6.1
CVSSv3
CVE-2022-2470
Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber before 1.2.21.
Microweber Microweber
4.3
CVSSv3
CVE-2023-6832
Business Logic Errors in GitHub repository microweber/microweber before 2.0.
Microweber Microweber
6.1
CVSSv3
CVE-2022-1439
Reflected XSS on demo.microweber.org/demo/module/ in GitHub repository microweber/microweber before 1.2.15. Execute Arbitrary JavaScript as the attacked user. It's the only payload I found working, you might need to press "tab" but there is probably a paylaod that ...
Microweber Microweber
6.1
CVSSv3
CVE-2022-1504
XSS in /demo/module/?module=HERE in GitHub repository microweber/microweber before 1.2.15. Typical impact of XSS attacks.
Microweber Microweber
8.8
CVSSv3
CVE-2022-1631
Users Account Pre-Takeover or Users Account Takeover. in GitHub repository microweber/microweber before 1.2.15. Victim Account Take Over. Since, there is no email confirmation, an attacker can easily create an account in the application using the Victim’s Email. This allows...
Microweber Microweber
7.5
CVSSv3
CVE-2023-5318
Use of Hard-coded Credentials in GitHub repository microweber/microweber before 2.0.
Microweber Microweber
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »