File Upload vulnerability in Microweber v.2.0.4 allows a remote attacker to execute arbitrary code via a crafted script to the file upload function in the created forms component.
Max CVSS
8.8
EPSS Score
0.91%
Published
2023-11-30
Updated
2023-12-05
An issue in microweber v.2.0.1 and fixed in v.2.0.4 allows a remote attacker to obtain sensitive information via the HTTP GET method.
Max CVSS
7.5
EPSS Score
0.12%
Published
2023-12-08
Updated
2023-12-11
Microweber CMS version 2.0.1 is vulnerable to stored Cross Site Scripting (XSS) via the profile picture file upload functionality.
Max CVSS
5.4
EPSS Score
0.05%
Published
2023-11-08
Updated
2023-11-15
Business Logic Errors in GitHub repository microweber/microweber prior to 2.0.
Max CVSS
6.0
EPSS Score
0.04%
Published
2023-12-15
Updated
2023-12-21
Missing Standardized Error Handling Mechanism in GitHub repository microweber/microweber prior to 2.0.
Max CVSS
4.3
EPSS Score
0.04%
Published
2023-12-08
Updated
2023-12-12
Business Logic Errors in GitHub repository microweber/microweber prior to 2.0.
Max CVSS
6.5
EPSS Score
0.05%
Published
2023-12-07
Updated
2023-12-12
Improper Access Control in GitHub repository microweber/microweber prior to 2.0.
Max CVSS
4.6
EPSS Score
0.05%
Published
2023-11-07
Updated
2023-11-14
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 2.0.
Max CVSS
6.4
EPSS Score
0.05%
Published
2023-10-31
Updated
2023-11-08
Use of Hard-coded Credentials in GitHub repository microweber/microweber prior to 2.0.
Max CVSS
7.5
EPSS Score
0.09%
Published
2023-09-30
Updated
2023-10-02
Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 2.0.
Max CVSS
6.1
EPSS Score
0.13%
Published
2023-09-28
Updated
2023-09-29
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 2.0.
Max CVSS
5.4
EPSS Score
0.05%
Published
2023-06-07
Updated
2023-06-14
Improper Privilege Management in GitHub repository microweber/microweber prior to 1.3.4.
Max CVSS
8.8
EPSS Score
0.07%
Published
2023-04-22
Updated
2023-05-02
Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository microweber/microweber prior to 1.3.4.
Max CVSS
7.1
EPSS Score
0.07%
Published
2023-04-22
Updated
2023-04-28
Cross-site Scripting (XSS) - Generic in GitHub repository microweber/microweber prior to 1.3.3.
Max CVSS
5.3
EPSS Score
0.05%
Published
2023-04-13
Updated
2023-04-21
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.3.
Max CVSS
7.4
EPSS Score
0.05%
Published
2023-04-05
Updated
2023-04-11
Command Injection in GitHub repository microweber/microweber prior to 1.3.3.
Max CVSS
9.8
EPSS Score
0.10%
Published
2023-04-05
Updated
2023-04-11
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.3.
Max CVSS
5.7
EPSS Score
0.05%
Published
2023-02-28
Updated
2023-03-04
Cross-site Scripting (XSS) - DOM in GitHub repository microweber/microweber prior to 1.3.2.
Max CVSS
6.3
EPSS Score
0.05%
Published
2023-02-01
Updated
2023-02-08
Microweber v1.2.15 was discovered to allow attackers to perform an account takeover via a host header injection attack.
Max CVSS
8.8
EPSS Score
0.14%
Published
2022-11-22
Updated
2022-11-28
Unrestricted Upload of File with Dangerous Type in GitHub repository microweber/microweber prior to 1.3.2.
Max CVSS
7.2
EPSS Score
0.08%
Published
2022-12-27
Updated
2023-01-05
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.2.
Max CVSS
6.1
EPSS Score
0.05%
Published
2022-12-22
Updated
2022-12-24
Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.3.2.
Max CVSS
6.1
EPSS Score
0.06%
Published
2022-12-21
Updated
2022-12-24
HTML injection attack is closely related to Cross-site Scripting (XSS). HTML injection uses HTML to deface the page. XSS, as the name implies, injects JavaScript into the page. Both attacks exploit insufficient validation of user input.
Max CVSS
6.1
EPSS Score
0.08%
Published
2022-09-20
Updated
2022-09-22
Code Injection in GitHub repository microweber/microweber prior to 1.3.2.
Max CVSS
6.1
EPSS Score
2.81%
Published
2022-09-20
Updated
2022-09-21
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.1.
Max CVSS
6.6
EPSS Score
0.05%
Published
2022-08-11
Updated
2022-08-15
99 vulnerabilities found
1 2 3 4
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!