Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Microweber Subscribe
Filtered by product Microweber
Total 108 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-0968 1 Microweber 1 Microweber 2022-03-22 4.0 MEDIUM 5.5 MEDIUM
The microweber application allows large characters to insert in the input field "fist & last name" which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request. in microweber/microweber in GitHub repository microweber/microweber prior to 1.2.12.
CVE-2022-0928 1 Microweber 1 Microweber 2022-03-22 3.5 LOW 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.2.12.
CVE-2022-0954 1 Microweber 1 Microweber 2022-03-21 3.5 LOW 5.4 MEDIUM
Multiple Stored Cross-site Scripting (XSS) Vulnerabilities in Shop's Other Settings, Shop's Autorespond E-mail Settings and Shops' Payments Methods in GitHub repository microweber/microweber prior to 1.2.11.
CVE-2022-0906 1 Microweber 1 Microweber 2022-03-21 3.5 LOW 4.8 MEDIUM
Unrestricted file upload leads to stored XSS in GitHub repository microweber/microweber prior to 1.1.12.
CVE-2022-0557 1 Microweber 1 Microweber 2022-03-18 9.0 HIGH 7.2 HIGH
OS Command Injection in Packagist microweber/microweber prior to 1.2.11.
CVE-2022-0926 1 Microweber 1 Microweber 2022-03-18 3.5 LOW 4.8 MEDIUM
File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12.
CVE-2022-0913 1 Microweber 1 Microweber 2022-03-18 5.0 MEDIUM 7.5 HIGH
Integer Overflow or Wraparound in GitHub repository microweber/microweber prior to 1.3.
CVE-2022-0912 1 Microweber 1 Microweber 2022-03-18 3.5 LOW 4.8 MEDIUM
Unrestricted Upload of File with Dangerous Type in GitHub repository microweber/microweber prior to 1.2.11.
CVE-2022-0930 1 Microweber 1 Microweber 2022-03-18 3.5 LOW 4.8 MEDIUM
File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12.
CVE-2022-0929 1 Microweber 1 Microweber 2022-03-18 4.3 MEDIUM 6.1 MEDIUM
XSS on dynamic_text module in GitHub repository microweber/microweber prior to 1.2.11.
CVE-2022-0921 1 Microweber 1 Microweber 2022-03-18 6.5 MEDIUM 6.7 MEDIUM
Abusing Backup/Restore feature to achieve Remote Code Execution in GitHub repository microweber/microweber prior to 1.2.12.
CVE-2022-0896 1 Microweber 1 Microweber 2022-03-11 6.8 MEDIUM 8.8 HIGH
Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository microweber/microweber prior to 1.3.
CVE-2022-0777 1 Microweber 1 Microweber 2022-03-09 5.0 MEDIUM 7.5 HIGH
Weak Password Recovery Mechanism for Forgotten Password in GitHub repository microweber/microweber prior to 1.3.
CVE-2022-0763 1 Microweber 1 Microweber 2022-03-08 3.5 LOW 4.8 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.
CVE-2022-0723 1 Microweber 1 Microweber 2022-03-08 3.5 LOW 5.4 MEDIUM
Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.2.11.
CVE-2022-0719 1 Microweber 1 Microweber 2022-03-02 3.5 LOW 5.4 MEDIUM
Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.3.
CVE-2022-0721 1 Microweber 1 Microweber 2022-03-02 4.0 MEDIUM 6.5 MEDIUM
Insertion of Sensitive Information Into Debugging Code in GitHub repository microweber/microweber prior to 1.3.
CVE-2022-0724 1 Microweber 1 Microweber 2022-03-02 4.0 MEDIUM 6.5 MEDIUM
Insecure Storage of Sensitive Information in GitHub repository microweber/microweber prior to 1.3.
CVE-2022-0688 1 Microweber 1 Microweber 2022-02-28 4.0 MEDIUM 4.9 MEDIUM
Business Logic Errors in Packagist microweber/microweber prior to 1.2.11.
CVE-2022-0666 1 Microweber 1 Microweber 2022-02-26 5.0 MEDIUM 7.5 HIGH
CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11.