Show filters
100 Total Results
Displaying 21-30 of 100
Sort by:
Attacker Value
Unknown

CVE-2022-4732

Disclosure Date: December 27, 2022 (last updated October 08, 2023)
Unrestricted Upload of File with Dangerous Type in GitHub repository microweber/microweber prior to 1.3.2.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-4647

Disclosure Date: December 22, 2022 (last updated October 08, 2023)
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.2.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2022-4617

Disclosure Date: December 21, 2022 (last updated October 08, 2023)
Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.3.2.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2022-0698

Disclosure Date: November 25, 2022 (last updated October 08, 2023)
Microweber version 1.3.1 allows an unauthenticated user to perform an account takeover via an XSS on the 'select-file' parameter.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2022-33012

Disclosure Date: November 22, 2022 (last updated October 08, 2023)
Microweber v1.2.15 was discovered to allow attackers to perform an account takeover via a host header injection attack.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2022-3245

Disclosure Date: September 20, 2022 (last updated February 24, 2025)
HTML injection attack is closely related to Cross-site Scripting (XSS). HTML injection uses HTML to deface the page. XSS, as the name implies, injects JavaScript into the page. Both attacks exploit insufficient validation of user input.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2022-3242

Disclosure Date: September 20, 2022 (last updated February 24, 2025)
Code Injection in GitHub repository microweber/microweber prior to 1.3.2.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2022-2777

Disclosure Date: August 11, 2022 (last updated February 24, 2025)
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.1.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2022-2470

Disclosure Date: July 22, 2022 (last updated February 24, 2025)
Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.2.21.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2022-2495

Disclosure Date: July 22, 2022 (last updated February 24, 2025)
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.2.21.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0
View More Topics  < Previous  Next >