Microweber

microweber

115 CVEs • 2 products

Products (2)

Click to collapse

Toggle

CVEs (115)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-0963 1Microweber 1Microweber Nov 21, 2024 Mar 15, 2022 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 Unrestricted XML Files Leads to Stored XSS in GitHub repository microweber/microweber prior to 1.2.12.
CVE-2022-0961 1Microweber 1Microweber Nov 21, 2024 Mar 15, 2022 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The microweber application allows large characters to insert in the input field "post title" which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request. in GitHub repository microweber/microw...Show more The microweber application allows large characters to insert in the input field "post title" which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request. in GitHub repository microweber/microweber prior to 1.2.12.Show less
CVE-2022-0954 1Microweber 1Microweber Nov 21, 2024 Mar 15, 2022 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 Multiple Stored Cross-site Scripting (XSS) Vulnerabilities in Shop's Other Settings, Shop's Autorespond E-mail Settings and Shops' Payments Methods in GitHub repository microweber/microweber prior to 1.2.11.
CVE-2022-0930 1Microweber 1Microweber Nov 21, 2024 Mar 12, 2022 N/A· v4 4.8 MEDIUM· v3 3.5 LOW· v2 File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12.
CVE-2022-0929 1Microweber 1Microweber Nov 21, 2024 Mar 12, 2022 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 XSS on dynamic_text module in GitHub repository microweber/microweber prior to 1.2.11.
CVE-2022-0926 1Microweber 1Microweber Nov 21, 2024 Mar 12, 2022 N/A· v4 4.8 MEDIUM· v3 3.5 LOW· v2 File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12.
CVE-2022-0921 1Microweber 1Microweber Nov 21, 2024 Mar 11, 2022 N/A· v4 6.7 MEDIUM· v3 6.5 MEDIUM· v2 Abusing Backup/Restore feature to achieve Remote Code Execution in GitHub repository microweber/microweber prior to 1.2.12.
CVE-2022-0928 1Microweber 1Microweber Nov 21, 2024 Mar 11, 2022 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.2.12.
CVE-2022-0913 1Microweber 1Microweber Nov 21, 2024 Mar 11, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Integer Overflow or Wraparound in GitHub repository microweber/microweber prior to 1.3.
CVE-2022-0912 1Microweber 1Microweber Nov 21, 2024 Mar 11, 2022 N/A· v4 4.8 MEDIUM· v3 3.5 LOW· v2 Unrestricted Upload of File with Dangerous Type in GitHub repository microweber/microweber prior to 1.2.11.
CVE-2022-0906 1Microweber 1Microweber Nov 21, 2024 Mar 10, 2022 N/A· v4 4.8 MEDIUM· v3 3.5 LOW· v2 Unrestricted file upload leads to stored XSS in GitHub repository microweber/microweber prior to 1.1.12.
CVE-2022-0895 1Microweber 1Microweber Nov 21, 2024 Mar 10, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Static Code Injection in GitHub repository microweber/microweber prior to 1.3.
CVE-2022-0896 1Microweber 1Microweber Nov 21, 2024 Mar 9, 2022 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository microweber/microweber prior to 1.3.
CVE-2022-0855 1Microweber 1Whmcs Nov 21, 2024 Mar 4, 2022 N/A· v4 6.1 MEDIUM· v3 5.8 MEDIUM· v2 Improper Resolution of Path Equivalence in GitHub repository microweber-dev/whmcs_plugin prior to 0.0.4.
CVE-2022-0777 1Microweber 1Microweber Nov 21, 2024 Mar 1, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Weak Password Recovery Mechanism for Forgotten Password in GitHub repository microweber/microweber prior to 1.3.
CVE-2022-0723 1Microweber 1Microweber Nov 21, 2024 Feb 26, 2022 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.2.11.
CVE-2022-0763 1Microweber 1Microweber Nov 21, 2024 Feb 26, 2022 N/A· v4 4.8 MEDIUM· v3 3.5 LOW· v2 Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.
CVE-2022-0762 1Microweber 1Microweber Feb 24, 2026 Feb 26, 2022 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 Incorrect Authorization in GitHub repository microweber/microweber prior to 1.3.
CVE-2022-0724 1Microweber 1Microweber Nov 21, 2024 Feb 23, 2022 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 Insecure Storage of Sensitive Information in GitHub repository microweber/microweber prior to 1.3.
CVE-2022-0721 1Microweber 1Microweber Nov 21, 2024 Feb 23, 2022 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 Insertion of Sensitive Information Into Debugging Code in GitHub repository microweber/microweber prior to 1.3.

Previous 1 2 345 6 Next