Known Vulnerabilities for products from Microweber
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Microweber".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-49052 json | 8.8 - HIGH | 2023-11-30 | 2023-12-05 | |
| CVE-2023-47379 json | Microweber CMS version 2.0.1 is vulnerable to stored Cross Site Scripting (XSS) via the profile picture file upload functiona... | 5.4 - MEDIUM | 2023-11-08 | 2023-11-15 |
| CVE-2023-5976 json | Improper Access Control in GitHub repository microweber/microweber prior to 2.0. | 4.3 - MEDIUM | 2023-11-07 | 2023-11-14 |
| CVE-2023-5861 json | Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 2.0. | 4.8 - MEDIUM | 2023-10-31 | 2023-11-08 |
| CVE-2023-5318 json | Use of Hard-coded Credentials in GitHub repository microweber/microweber prior to 2.0. | 7.5 - HIGH | 2023-09-30 | 2023-10-02 |
| CVE-2023-5244 json | Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 2.0. | 6.1 - MEDIUM | 2023-09-28 | 2023-09-29 |
| CVE-2023-3142 json | Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 2.0. | 5.4 - MEDIUM | 2023-06-07 | 2023-06-14 |
| CVE-2023-2240 json | Improper Privilege Management in GitHub repository microweber/microweber prior to 1.3.4. | 8.8 - HIGH | 2023-04-22 | 2023-05-02 |
| CVE-2023-2239 json | Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository microweber/microweber prior to 1.3.4. | 6.5 - MEDIUM | 2023-04-22 | 2023-04-28 |
| CVE-2023-2014 json | Cross-site Scripting (XSS) - Generic in GitHub repository microweber/microweber prior to 1.3.3. | 4.8 - MEDIUM | 2023-04-13 | 2023-04-21 |
| CVE-2023-1881 json | Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.3. | 5.4 - MEDIUM | 2023-04-05 | 2023-04-11 |
| CVE-2023-1877 json | Command Injection in GitHub repository microweber/microweber prior to 1.3.3. | 9.8 - CRITICAL | 2023-04-05 | 2023-04-11 |
| CVE-2023-1081 json | Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.3. | 4.8 - MEDIUM | 2023-02-28 | 2023-03-04 |
| CVE-2023-0608 json | Cross-site Scripting (XSS) - DOM in GitHub repository microweber/microweber prior to 1.3.2. | 5.4 - MEDIUM | 2023-02-01 | 2023-02-08 |
| CVE-2022-33012 json | Microweber v1.2.15 was discovered to allow attackers to perform an account takeover via a host header injection attack. | 8.8 - HIGH | 2022-11-22 | 2022-11-28 |
| CVE-2022-4732 json | Unrestricted Upload of File with Dangerous Type in GitHub repository microweber/microweber prior to 1.3.2. | 7.2 - HIGH | 2022-12-27 | 2023-01-05 |
| CVE-2022-4647 json | Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.2. | 6.1 - MEDIUM | 2022-12-22 | 2022-12-24 |
| CVE-2022-4617 json | Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.3.2. | 6.1 - MEDIUM | 2022-12-21 | 2022-12-24 |
| CVE-2022-3245 json | HTML injection attack is closely related to Cross-site Scripting (XSS). HTML injection uses HTML to deface the page. XSS, as ... | 6.1 - MEDIUM | 2022-09-20 | 2022-09-22 |
| CVE-2022-3242 json | Code Injection in GitHub repository microweber/microweber prior to 1.3.2. | 6.1 - MEDIUM | 2022-09-20 | 2022-09-21 |
Known software with vulnerabilities from Microweber
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Microweber | Microweber | 0.750 |