Vulnerabilities > Microweber

DATE	CVE	VULNERABILITY TITLE	RISK
2023-02-28	CVE-2023-1081	Cross-site Scripting vulnerability in Microweber Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.3. network low complexity microweber CWE-79	4.8
2023-02-21	CVE-2021-32856	Cross-site Scripting vulnerability in Microweber Microweber is a drag and drop website builder and content management system. network low complexity microweber CWE-79	6.1
2023-02-01	CVE-2023-0608	Cross-site Scripting vulnerability in Microweber Cross-site Scripting (XSS) - DOM in GitHub repository microweber/microweber prior to 1.3.2. network low complexity microweber CWE-79	5.4
2022-11-25	CVE-2022-0698	Cross-site Scripting vulnerability in Microweber 1.3.1 Microweber version 1.3.1 allows an unauthenticated user to perform an account takeover via an XSS on the 'select-file' parameter. network low complexity microweber CWE-79	6.1
2022-11-22	CVE-2022-33012	Injection vulnerability in Microweber 1.2.15 Microweber v1.2.15 was discovered to allow attackers to perform an account takeover via a host header injection attack. network low complexity microweber CWE-74	8.8
2022-07-15	CVE-2021-36461	Unrestricted Upload of File with Dangerous Type vulnerability in Microweber 1.1.3 An Arbitrary File Upload vulnerability exists in Microweber 1.1.3 that allows attackers to getshell via the Settings Upload Picture section by uploading pictures with malicious code, user.ini. network low complexity microweber CWE-434	6.5
2022-07-11	CVE-2022-2368	Business Logic Errors vulnerability in Microweber Business Logic Errors in GitHub repository microweber/microweber prior to 1.2.20. network low complexity microweber CWE-840	7.5
2022-07-09	CVE-2022-2353	Cross-site Scripting vulnerability in Microweber Prior to microweber/microweber v1.2.20, due to improper neutralization of input, an attacker can steal tokens to perform cross-site request forgery, fetch contents from same-site and redirect a user. network microweber CWE-79	4.3
2022-07-04	CVE-2022-2300	Cross-site Scripting vulnerability in Microweber Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.2.19. network microweber CWE-79	3.5
2022-07-01	CVE-2022-2280	Cross-site Scripting vulnerability in Microweber Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.2.19. network microweber CWE-79	3.5

Vulnerabilities > Microweber {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Microweber"}]}

Vulnerabilities > Microweber