Vulnerabilities > Microweber

DATE	CVE	VULNERABILITY TITLE	RISK
2024-08-06	CVE-2024-40101	Cross-site Scripting vulnerability in Microweber A Reflected Cross-site scripting (XSS) vulnerability exists in '/search' in microweber 2.0.15 and earlier allowing unauthenticated remote attackers to inject arbitrary web script or HTML via the 'keywords' parameter. network low complexity microweber CWE-79	6.1
2023-12-15	CVE-2023-6832	Business Logic Errors vulnerability in Microweber Business Logic Errors in GitHub repository microweber/microweber prior to 2.0. network low complexity microweber CWE-840	4.3
2023-12-08	CVE-2023-48122	Unspecified vulnerability in Microweber 2.0.1/2.0.2/2.0.3 An issue in microweber v.2.0.1 and fixed in v.2.0.4 allows a remote attacker to obtain sensitive information via the HTTP GET method. network low complexity microweber	7.5
2023-12-08	CVE-2023-6599	Improper Handling of Exceptional Conditions vulnerability in Microweber Missing Standardized Error Handling Mechanism in GitHub repository microweber/microweber prior to 2.0. network low complexity microweber CWE-755	4.3
2023-12-07	CVE-2023-6566	Unspecified vulnerability in Microweber Business Logic Errors in GitHub repository microweber/microweber prior to 2.0. network low complexity microweber	6.5
2023-11-30	CVE-2023-49052	Unrestricted Upload of File with Dangerous Type vulnerability in Microweber 2.0.4 File Upload vulnerability in Microweber v.2.0.4 allows a remote attacker to execute arbitrary code via a crafted script to the file upload function in the created forms component. network low complexity microweber CWE-434	8.8
2023-11-08	CVE-2023-47379	Cross-site Scripting vulnerability in Microweber 2.0.1 Microweber CMS version 2.0.1 is vulnerable to stored Cross Site Scripting (XSS) via the profile picture file upload functionality. network low complexity microweber CWE-79	5.4
2023-11-07	CVE-2023-5976	Improper Access Control vulnerability in Microweber Improper Access Control in GitHub repository microweber/microweber prior to 2.0. network low complexity microweber CWE-284	4.3
2023-10-31	CVE-2023-5861	Cross-site Scripting vulnerability in Microweber Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 2.0. network low complexity microweber CWE-79	4.8
2023-09-30	CVE-2023-5318	Use of Hard-coded Credentials vulnerability in Microweber Use of Hard-coded Credentials in GitHub repository microweber/microweber prior to 2.0. network low complexity microweber CWE-798	7.5

Vulnerabilities > Microweber {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Microweber"}]}

Vulnerabilities > Microweber