Show filters
99 Total Results
Displaying 1-10 of 99
Sort by:
Attacker Value
Unknown

CVE-2024-40101

Disclosure Date: August 06, 2024 (last updated August 30, 2024)
A Reflected Cross-site scripting (XSS) vulnerability exists in '/search' in microweber 2.0.15 and earlier allowing unauthenticated remote attackers to inject arbitrary web script or HTML via the 'keywords' parameter.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-6832

Disclosure Date: December 15, 2023 (last updated December 22, 2023)
Business Logic Errors in GitHub repository microweber/microweber prior to 2.0.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-48122

Disclosure Date: December 08, 2023 (last updated December 12, 2023)
An issue in microweber v.2.0.1 and fixed in v.2.0.4 allows a remote attacker to obtain sensitive information via the HTTP GET method.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-6599

Disclosure Date: December 08, 2023 (last updated December 13, 2023)
Missing Standardized Error Handling Mechanism in GitHub repository microweber/microweber prior to 2.0.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-6566

Disclosure Date: December 07, 2023 (last updated December 13, 2023)
Business Logic Errors in GitHub repository microweber/microweber prior to 2.0.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-49052

Disclosure Date: November 30, 2023 (last updated December 06, 2023)
File Upload vulnerability in Microweber v.2.0.4 allows a remote attacker to execute arbitrary code via a crafted script to the file upload function in the created forms component.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-47379

Disclosure Date: November 08, 2023 (last updated November 16, 2023)
Microweber CMS version 2.0.1 is vulnerable to stored Cross Site Scripting (XSS) via the profile picture file upload functionality.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-5976

Disclosure Date: November 07, 2023 (last updated November 15, 2023)
Improper Access Control in GitHub repository microweber/microweber prior to 2.0.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-5861

Disclosure Date: October 31, 2023 (last updated November 08, 2023)
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 2.0.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-5318

Disclosure Date: September 30, 2023 (last updated October 08, 2023)
Use of Hard-coded Credentials in GitHub repository microweber/microweber prior to 2.0.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
View More Topics  Next >