Vulnerabilities > Microweber

DATE CVE VULNERABILITY TITLE RISK
2022-05-04 CVE-2022-1584 Cross-site Scripting vulnerability in Microweber
Reflected XSS in GitHub repository microweber/microweber prior to 1.2.16.
network
microweber CWE-79
4.3
2022-05-04 CVE-2022-1555 Cross-site Scripting vulnerability in Microweber
DOM XSS in microweber ver 1.2.15 in GitHub repository microweber/microweber prior to 1.2.16.
network
microweber CWE-79
4.3
2022-04-27 CVE-2022-1504 Cross-site Scripting vulnerability in Microweber
XSS in /demo/module/?module=HERE in GitHub repository microweber/microweber prior to 1.2.15.
network
microweber CWE-79
4.3
2022-04-22 CVE-2022-1439 Cross-site Scripting vulnerability in Microweber
Reflected XSS on demo.microweber.org/demo/module/ in GitHub repository microweber/microweber prior to 1.2.15.
network
microweber CWE-79
4.3
2022-03-22 CVE-2022-1036 Integer Overflow or Wraparound vulnerability in Microweber
Able to create an account with long password leads to memory corruption / Integer Overflow in GitHub repository microweber/microweber prior to 1.2.12.
network
low complexity
microweber CWE-190
5.0
2022-03-15 CVE-2022-0963 Cross-site Scripting vulnerability in Microweber
Unrestricted XML Files Leads to Stored XSS in GitHub repository microweber/microweber prior to 1.2.12.
network
microweber CWE-79
3.5
2022-03-15 CVE-2022-0968 Integer Overflow or Wraparound vulnerability in Microweber
The microweber application allows large characters to insert in the input field "fist & last name" which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
network
low complexity
microweber CWE-190
4.0
2022-03-15 CVE-2022-0961 Integer Overflow or Wraparound vulnerability in Microweber
The microweber application allows large characters to insert in the input field "post title" which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
4.3
2022-03-15 CVE-2022-0954 Cross-site Scripting vulnerability in Microweber
Multiple Stored Cross-site Scripting (XSS) Vulnerabilities in Shop's Other Settings, Shop's Autorespond E-mail Settings and Shops' Payments Methods in GitHub repository microweber/microweber prior to 1.2.11.
network
microweber CWE-79
3.5
2022-03-12 CVE-2022-0930 Cross-site Scripting vulnerability in Microweber
File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12.
network
microweber CWE-79
3.5