Vulnerabilities > Microweber > Microweber > 1.0.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-16 | CVE-2020-13405 | Information Exposure vulnerability in Microweber userfiles/modules/users/controller/controller.php in Microweber before 1.1.20 allows an unauthenticated user to disclose the users database via a /modules/ POST request. | 5.0 |
| 2018-12-20 | CVE-2018-1000826 | Cross-site Scripting vulnerability in Microweber Microweber version <= 1.0.7 contains a Cross Site Scripting (XSS) vulnerability in Admin login form template that can result in Execution of JavaScript code. | 4.3 |