VYPR

Microweber

by Microweber

Source repositories

CVEs (108)

  • CVE-2022-2252MedJun 29, 2022
    risk 0.33cvss 6.1epss 0.01

    Open Redirect in GitHub repository microweber/microweber prior to 1.2.19.

  • CVE-2022-2174MedJun 22, 2022
    risk 0.33cvss 6.1epss 0.03

    Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.2.18.

  • CVE-2022-2130MedJun 20, 2022
    risk 0.33cvss 6.1epss 0.03

    Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.2.17.

  • CVE-2022-1584MedMay 4, 2022
    risk 0.33cvss 6.1epss 0.01

    Reflected XSS in GitHub repository microweber/microweber prior to 1.2.16. Executing JavaScript as the victim

  • CVE-2022-1555MedMay 4, 2022
    risk 0.33cvss 6.1epss 0.01

    DOM XSS in microweber ver 1.2.15 in GitHub repository microweber/microweber prior to 1.2.16. inject arbitrary js code, deface website, steal cookie...

  • CVE-2022-1504MedApr 27, 2022
    risk 0.33cvss 6.1epss 0.01

    XSS in /demo/module/?module=HERE in GitHub repository microweber/microweber prior to 1.2.15. Typical impact of XSS attacks.

  • CVE-2022-1439MedApr 22, 2022
    risk 0.33cvss 6.1epss 0.03

    Reflected XSS on demo.microweber.org/demo/module/ in GitHub repository microweber/microweber prior to 1.2.15. Execute Arbitrary JavaScript as the attacked user. It's the only payload I found working, you might need to press "tab" but there is probably a paylaod that runs without…

  • CVE-2022-0929MedMar 12, 2022
    risk 0.33cvss 6.1epss 0.01

    XSS on dynamic_text module in GitHub repository microweber/microweber prior to 1.2.11.

  • CVE-2022-0690MedFeb 19, 2022
    risk 0.33cvss 6.1epss 0.01

    Cross-site Scripting (XSS) - Reflected in Packagist microweber/microweber prior to 1.2.11.

  • CVE-2022-0678MedFeb 19, 2022
    risk 0.33cvss 6.1epss 0.02

    Cross-site Scripting (XSS) - Reflected in Packagist microweber/microweber prior to 1.2.11.

  • CVE-2022-0597MedFeb 15, 2022
    risk 0.33cvss 6.1epss 0.03

    Open Redirect in Packagist microweber/microweber prior to 1.2.11.

  • CVE-2022-0560MedFeb 11, 2022
    risk 0.33cvss 6.1epss 0.01

    Open Redirect in Packagist microweber/microweber prior to 1.2.11.

  • CVE-2022-0968MedMar 15, 2022
    risk 0.29cvss 5.5epss 0.04

    The microweber application allows large characters to insert in the input field "fist & last name" which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request. in microweber/microweber in GitHub repository microweber/microweber prior to 1.2.12.

  • CVE-2022-0961MedMar 15, 2022
    risk 0.29cvss 5.5epss 0.01

    The microweber application allows large characters to insert in the input field "post title" which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request. in GitHub repository microweber/microweber prior to 1.2.12.

  • CVE-2022-0762MedFeb 26, 2022
    risk 0.29cvss 5.5epss 0.01

    Incorrect Authorization in GitHub repository microweber/microweber prior to 1.3.

  • CVE-2023-3142MedJun 7, 2023
    risk 0.28cvss 5.4epss 0.00

    Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 2.0.

  • CVE-2023-1881MedApr 5, 2023
    risk 0.28cvss 5.4epss 0.00

    Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.3.

  • CVE-2023-0608MedFeb 1, 2023
    risk 0.28cvss 5.4epss 0.01

    Cross-site Scripting (XSS) - DOM in GitHub repository microweber/microweber prior to 1.3.2.

  • CVE-2022-2777MedAug 11, 2022
    risk 0.28cvss 5.4epss 0.00

    Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.1.

  • CVE-2022-2300MedJul 4, 2022
    risk 0.28cvss 5.4epss 0.01

    Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.2.19.

Page 3 of 6