Vulnerabilities > Microweber > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-04 | CVE-2022-1584 | Cross-site Scripting vulnerability in Microweber Reflected XSS in GitHub repository microweber/microweber prior to 1.2.16. | 4.3 |
| 2022-05-04 | CVE-2022-1555 | Cross-site Scripting vulnerability in Microweber DOM XSS in microweber ver 1.2.15 in GitHub repository microweber/microweber prior to 1.2.16. | 4.3 |
| 2022-04-27 | CVE-2022-1504 | Cross-site Scripting vulnerability in Microweber XSS in /demo/module/?module=HERE in GitHub repository microweber/microweber prior to 1.2.15. | 4.3 |
| 2022-04-22 | CVE-2022-1439 | Cross-site Scripting vulnerability in Microweber Reflected XSS on demo.microweber.org/demo/module/ in GitHub repository microweber/microweber prior to 1.2.15. | 4.3 |
| 2022-03-22 | CVE-2022-1036 | Integer Overflow or Wraparound vulnerability in Microweber Able to create an account with long password leads to memory corruption / Integer Overflow in GitHub repository microweber/microweber prior to 1.2.12. | 5.0 |
| 2022-03-15 | CVE-2022-0968 | Integer Overflow or Wraparound vulnerability in Microweber The microweber application allows large characters to insert in the input field "fist & last name" which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request. | 4.0 |
| 2022-03-15 | CVE-2022-0961 | Integer Overflow or Wraparound vulnerability in Microweber The microweber application allows large characters to insert in the input field "post title" which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request. | 4.3 |
| 2022-03-12 | CVE-2022-0929 | Cross-site Scripting vulnerability in Microweber XSS on dynamic_text module in GitHub repository microweber/microweber prior to 1.2.11. | 4.3 |
| 2022-03-11 | CVE-2022-0921 | Unrestricted Upload of File with Dangerous Type vulnerability in Microweber Abusing Backup/Restore feature to achieve Remote Code Execution in GitHub repository microweber/microweber prior to 1.2.12. | 6.5 |
| 2022-03-11 | CVE-2022-0913 | Integer Overflow or Wraparound vulnerability in Microweber Integer Overflow or Wraparound in GitHub repository microweber/microweber prior to 1.3. | 5.0 |