Microweber - Microweber CVE

Filtered by vendor Microweber Subscribe

Filtered by product Microweber

Total 99 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2022-1036	1 Microweber	1 Microweber	2024-11-21	5.0 MEDIUM	7.5 HIGH
Able to create an account with long password leads to memory corruption / Integer Overflow in GitHub repository microweber/microweber prior to 1.2.12.
CVE-2022-0968	1 Microweber	1 Microweber	2024-11-21	4.0 MEDIUM	5.5 MEDIUM
The microweber application allows large characters to insert in the input field "fist & last name" which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request. in microweber/microweber in GitHub repository microweber/microweber prior to 1.2.12.
CVE-2022-0963	1 Microweber	1 Microweber	2024-11-21	3.5 LOW	5.4 MEDIUM
Unrestricted XML Files Leads to Stored XSS in GitHub repository microweber/microweber prior to 1.2.12.
CVE-2022-0961	1 Microweber	1 Microweber	2024-11-21	4.3 MEDIUM	5.5 MEDIUM
The microweber application allows large characters to insert in the input field "post title" which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request. in GitHub repository microweber/microweber prior to 1.2.12.
CVE-2022-0954	1 Microweber	1 Microweber	2024-11-21	3.5 LOW	5.4 MEDIUM
Multiple Stored Cross-site Scripting (XSS) Vulnerabilities in Shop's Other Settings, Shop's Autorespond E-mail Settings and Shops' Payments Methods in GitHub repository microweber/microweber prior to 1.2.11.
CVE-2022-0930	1 Microweber	1 Microweber	2024-11-21	3.5 LOW	4.8 MEDIUM
File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12.
CVE-2022-0929	1 Microweber	1 Microweber	2024-11-21	4.3 MEDIUM	6.1 MEDIUM
XSS on dynamic_text module in GitHub repository microweber/microweber prior to 1.2.11.
CVE-2022-0928	1 Microweber	1 Microweber	2024-11-21	3.5 LOW	5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.2.12.
CVE-2022-0926	1 Microweber	1 Microweber	2024-11-21	3.5 LOW	4.8 MEDIUM
File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12.
CVE-2022-0921	1 Microweber	1 Microweber	2024-11-21	6.5 MEDIUM	6.7 MEDIUM
Abusing Backup/Restore feature to achieve Remote Code Execution in GitHub repository microweber/microweber prior to 1.2.12.
CVE-2022-0913	1 Microweber	1 Microweber	2024-11-21	5.0 MEDIUM	7.5 HIGH
Integer Overflow or Wraparound in GitHub repository microweber/microweber prior to 1.3.
CVE-2022-0912	1 Microweber	1 Microweber	2024-11-21	3.5 LOW	4.8 MEDIUM
Unrestricted Upload of File with Dangerous Type in GitHub repository microweber/microweber prior to 1.2.11.
CVE-2022-0906	1 Microweber	1 Microweber	2024-11-21	3.5 LOW	4.8 MEDIUM
Unrestricted file upload leads to stored XSS in GitHub repository microweber/microweber prior to 1.1.12.
CVE-2022-0896	1 Microweber	1 Microweber	2024-11-21	6.8 MEDIUM	8.8 HIGH
Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository microweber/microweber prior to 1.3.
CVE-2022-0895	1 Microweber	1 Microweber	2024-11-21	7.5 HIGH	9.8 CRITICAL
Static Code Injection in GitHub repository microweber/microweber prior to 1.3.
CVE-2022-0777	1 Microweber	1 Microweber	2024-11-21	5.0 MEDIUM	7.5 HIGH
Weak Password Recovery Mechanism for Forgotten Password in GitHub repository microweber/microweber prior to 1.3.
CVE-2022-0763	1 Microweber	1 Microweber	2024-11-21	3.5 LOW	4.8 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.
CVE-2022-0762	1 Microweber	1 Microweber	2024-11-21	4.0 MEDIUM	5.5 MEDIUM
Incorrect Authorization in GitHub repository microweber/microweber prior to 1.3.
CVE-2022-0724	1 Microweber	1 Microweber	2024-11-21	4.0 MEDIUM	6.5 MEDIUM
Insecure Storage of Sensitive Information in GitHub repository microweber/microweber prior to 1.3.
CVE-2022-0723	1 Microweber	1 Microweber	2024-11-21	3.5 LOW	5.4 MEDIUM
Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.2.11.

Vulnerabilities (CVE)