Vulnerabilities > Microweber > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-08 | CVE-2023-48122 | Unspecified vulnerability in Microweber 2.0.1/2.0.2/2.0.3 An issue in microweber v.2.0.1 and fixed in v.2.0.4 allows a remote attacker to obtain sensitive information via the HTTP GET method. | 7.5 |
| 2023-11-30 | CVE-2023-49052 | Unrestricted Upload of File with Dangerous Type vulnerability in Microweber 2.0.4 File Upload vulnerability in Microweber v.2.0.4 allows a remote attacker to execute arbitrary code via a crafted script to the file upload function in the created forms component. | 8.8 |
| 2023-09-30 | CVE-2023-5318 | Use of Hard-coded Credentials vulnerability in Microweber Use of Hard-coded Credentials in GitHub repository microweber/microweber prior to 2.0. | 7.5 |
| 2023-04-22 | CVE-2023-2240 | Unspecified vulnerability in Microweber Improper Privilege Management in GitHub repository microweber/microweber prior to 1.3.4. | 8.8 |
| 2022-12-27 | CVE-2022-4732 | Unspecified vulnerability in Microweber Unrestricted Upload of File with Dangerous Type in GitHub repository microweber/microweber prior to 1.3.2. | 7.2 |
| 2022-11-22 | CVE-2022-33012 | Injection vulnerability in Microweber 1.2.15 Microweber v1.2.15 was discovered to allow attackers to perform an account takeover via a host header injection attack. | 8.8 |
| 2022-07-15 | CVE-2021-36461 | Unrestricted Upload of File with Dangerous Type vulnerability in Microweber 1.1.3 An Arbitrary File Upload vulnerability exists in Microweber 1.1.3 that allows attackers to getshell via the Settings Upload Picture section by uploading pictures with malicious code, user.ini. | 8.8 |
| 2022-05-09 | CVE-2022-1631 | Incorrect Authorization vulnerability in Microweber Users Account Pre-Takeover or Users Account Takeover. | 8.8 |
| 2022-03-22 | CVE-2022-1036 | Integer Overflow or Wraparound vulnerability in Microweber Able to create an account with long password leads to memory corruption / Integer Overflow in GitHub repository microweber/microweber prior to 1.2.12. | 7.5 |
| 2022-03-11 | CVE-2022-0913 | Integer Overflow or Wraparound vulnerability in Microweber Integer Overflow or Wraparound in GitHub repository microweber/microweber prior to 1.3. | 7.5 |