Microweber Latest High Vulnerabilities

Remote Information Disclosure in Microweber by Microweber Ltd.

CVE-2023-48122

MicroweberMicroweber7.5HIGH

File Upload Vulnerability in Microweber by Microweber Team

CVE-2023-49052

MicroweberMicroweber👾🟡EPSS 21%8.8HIGH

Improper Privilege Management in microweber/microweber

CVE-2023-2240

MicroweberMicroweber/microweber8.8HIGH

Command Injection in microweber/microweber

CVE-2023-1877

MicroweberMicroweber/microweber9.8CRITICAL

Host Header Injection Vulnerability in Microweber Web Application by Microweber

CVE-2022-33012

MicroweberMicroweber8.8HIGH

Arbitrary File Upload Vulnerability in Microweber by Microweber

CVE-2021-36461

MicroweberMicroweber8.8HIGH

DOM XSS in microweber ver 1.2.15 in microweber/microweber

CVE-2022-1555

MicroweberMicroweber/microweber8.8HIGH

The microweber application allows large characters to insert in the input field "fist & last name" which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request. in microweber/microweber in microweber/microweber

CVE-2022-0968

MicroweberMicroweber/microweber7.2HIGH

File upload filter bypass leading to stored XSS in microweber/microweber

CVE-2022-0930

MicroweberMicroweber/microweber8HIGH

File upload filter bypass leading to stored XSS in microweber/microweber

CVE-2022-0926

MicroweberMicroweber/microweber7.1HIGH

Integer Overflow or Wraparound in microweber/microweber

CVE-2022-0913

MicroweberMicroweber/microweber9.1CRITICAL

Static Code Injection in microweber/microweber

CVE-2022-0895

MicroweberMicroweber/microweber7.7HIGH

Improper Neutralization of Special Elements Used in a Template Engine in microweber/microweber

CVE-2022-0896

MicroweberMicroweber/microweber7.1HIGH

Improper Resolution of Path Equivalence in microweber-dev/whmcs_plugin

CVE-2022-0855

Microweber-devMicroweber-dev/whmcs P...7.4HIGH

Weak Password Recovery Mechanism for Forgotten Password in microweber/microweber

CVE-2022-0777

microwebermicroweber/microweber7.5HIGH

Cross-site Scripting (XSS) - Reflected in microweber/microweber

CVE-2022-0723

MicroweberMicroweber/microweber8HIGH

Insecure Storage of Sensitive Information in microweber/microweber

CVE-2022-0724

MicroweberMicroweber/microweber9.1CRITICAL

Cross-site Scripting (XSS) - Reflected in microweber/microweber

CVE-2022-0719

MicroweberMicroweber/microweber7.6HIGH

Business Logic Errors in microweber/microweber

CVE-2022-0688

MicroweberMicroweber/microweber9.4CRITICAL

CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in microweber/microweber

CVE-2022-0666

MicroweberMicroweber/microweber👾🟡EPSS 17%7.6HIGH

Generation of Error Message Containing Sensitive Information in microweber/microweber

CVE-2022-0660

MicroweberMicroweber/microweberEPSS 11%9.4CRITICAL

OS Command Injection in microweber/microweber

CVE-2022-0557

microwebermicroweber/microweberEPSS 12%7.2HIGH

Cross-site Scripting (XSS) - Stored in microweber/microweber

CVE-2022-0558

MicroweberMicroweber/microweber9.8CRITICAL

Cross-site Scripting (XSS) - Stored in microweber/microweber

CVE-2022-0506

MicroweberMicroweber/microweber7.7HIGH

Cross-site Scripting (XSS) - Reflected in microweber/microweber

CVE-2022-0378

MicroweberMicroweber/microweber7.1HIGH

Vulnerability Published:

Sort By:

8 December 2023

Remote Information Disclosure in Microweber by Microweber Ltd.

30 November 2023

File Upload Vulnerability in Microweber by Microweber Team

22 April 2023

Improper Privilege Management in microweber/microweber

5 April 2023

Command Injection in microweber/microweber

22 November 2022

Host Header Injection Vulnerability in Microweber Web Application by Microweber

15 July 2022

Arbitrary File Upload Vulnerability in Microweber by Microweber

4 May 2022

DOM XSS in microweber ver 1.2.15 in microweber/microweber

15 March 2022

The microweber application allows large characters to insert in the input field "fist & last name" which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request. in microweber/microweber in microweber/microweber

12 March 2022

File upload filter bypass leading to stored XSS in microweber/microweber

File upload filter bypass leading to stored XSS in microweber/microweber

11 March 2022

Integer Overflow or Wraparound in microweber/microweber

10 March 2022

Static Code Injection in microweber/microweber

9 March 2022

Improper Neutralization of Special Elements Used in a Template Engine in microweber/microweber

4 March 2022

Improper Resolution of Path Equivalence in microweber-dev/whmcs_plugin

1 March 2022

Weak Password Recovery Mechanism for Forgotten Password in microweber/microweber

26 February 2022

Cross-site Scripting (XSS) - Reflected in microweber/microweber

23 February 2022

Insecure Storage of Sensitive Information in microweber/microweber

Cross-site Scripting (XSS) - Reflected in microweber/microweber

20 February 2022

Business Logic Errors in microweber/microweber

18 February 2022

CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in microweber/microweber

Generation of Error Message Containing Sensitive Information in microweber/microweber

11 February 2022

OS Command Injection in microweber/microweber

10 February 2022

Cross-site Scripting (XSS) - Stored in microweber/microweber

8 February 2022

Cross-site Scripting (XSS) - Stored in microweber/microweber

26 January 2022

Cross-site Scripting (XSS) - Reflected in microweber/microweber