RSS   Vulnerabilities for 'Microweber'   RSS

2023-12-07
 
CVE-2023-6566

CWE-Other
 

 
Business Logic Errors in GitHub repository microweber/microweber prior to 2.0.

 
2023-12-08
 
CVE-2023-6599

CWE-755
 

 
Missing Standardized Error Handling Mechanism in GitHub repository microweber/microweber prior to 2.0.

 
 
CVE-2023-48122

CWE-noinfo
 

 
An issue in microweber v.2.0.1 and fixed in v.2.0.4 allows a remote attacker to obtain sensitive information via the HTTP GET method.

 
2022-07-15
 
CVE-2021-36461

CWE-434
 

 
An Arbitrary File Upload vulnerability exists in Microweber 1.1.3 that allows attackers to getshell via the Settings Upload Picture section by uploading pictures with malicious code, user.ini.

 
2022-07-11
 
CVE-2022-2368

CWE-840
 

 
Business Logic Errors in GitHub repository microweber/microweber prior to 1.2.20.

 
2022-07-09
 
CVE-2022-2353

CWE-79
 

 
Prior to microweber/microweber v1.2.20, due to improper neutralization of input, an attacker can steal tokens to perform cross-site request forgery, fetch contents from same-site and redirect a user.

 
2022-07-04
 
CVE-2022-2300

CWE-79
 

 
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.2.19.

 
2022-07-01
 
CVE-2022-2280

CWE-79
 

 
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.2.19.

 
2022-06-29
 
CVE-2022-2252

CWE-601
 

 
Open Redirect in GitHub repository microweber/microweber prior to 1.2.19.

 
2022-06-22
 
CVE-2022-2174

CWE-79
 

 
Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.2.18.

 


Copyright 2024, cxsecurity.com

 

Back to Top