Vulnerabilities > Microweber
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-07 | CVE-2023-3142 | Cross-site Scripting vulnerability in Microweber Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 2.0. | 5.4 |
2023-04-22 | CVE-2023-2239 | Privacy Violation vulnerability in Microweber Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository microweber/microweber prior to 1.3.4. | 6.5 |
2023-04-22 | CVE-2023-2240 | Improper Privilege Management vulnerability in Microweber Improper Privilege Management in GitHub repository microweber/microweber prior to 1.3.4. | 8.8 |
2023-04-13 | CVE-2023-2014 | Cross-site Scripting vulnerability in Microweber Cross-site Scripting (XSS) - Generic in GitHub repository microweber/microweber prior to 1.3.3. | 4.8 |
2023-02-28 | CVE-2023-1081 | Cross-site Scripting vulnerability in Microweber Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.3. | 4.8 |
2023-02-21 | CVE-2021-32856 | Cross-site Scripting vulnerability in Microweber Microweber is a drag and drop website builder and content management system. | 6.1 |
2023-02-01 | CVE-2023-0608 | Cross-site Scripting vulnerability in Microweber Cross-site Scripting (XSS) - DOM in GitHub repository microweber/microweber prior to 1.3.2. | 5.4 |
2022-11-25 | CVE-2022-0698 | Cross-site Scripting vulnerability in Microweber 1.3.1 Microweber version 1.3.1 allows an unauthenticated user to perform an account takeover via an XSS on the 'select-file' parameter. | 6.1 |
2022-11-22 | CVE-2022-33012 | Injection vulnerability in Microweber 1.2.15 Microweber v1.2.15 was discovered to allow attackers to perform an account takeover via a host header injection attack. | 8.8 |
2022-07-15 | CVE-2021-36461 | Unrestricted Upload of File with Dangerous Type vulnerability in Microweber 1.1.3 An Arbitrary File Upload vulnerability exists in Microweber 1.1.3 that allows attackers to getshell via the Settings Upload Picture section by uploading pictures with malicious code, user.ini. | 6.5 |