Lucene search

CVE-2022-33012

🗓️ 22 Nov 2022 14:10:15Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 8 Media mentions👁 54 Views

Microweber v1.2.15 allows account takeover via host header injection attack

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 9
Veracode	Host Header Injection	24 Nov 202210:33	–	veracode
CNVD	Host Header Injection Vulnerability in Microweber	24 Nov 202200:00	–	cnvd
OSV	CVE-2022-33012	22 Nov 202214:15	–	osv
OSV	GHSA-RP7F-FHM8-9HPF Account Takeover Through Password Reset Poisoning	22 Nov 202215:30	–	osv
Cvelist	CVE-2022-33012	22 Nov 202200:00	–	cvelist
NVD	CVE-2022-33012	22 Nov 202214:15	–	nvd
Prion	Design/Logic Flaw	22 Nov 202214:15	–	prion
Vulnrichment	CVE-2022-33012	22 Nov 202200:00	–	vulnrichment
Github Security Blog	Account Takeover Through Password Reset Poisoning	22 Nov 202215:30	–	github

Nvd

Node

microweber microweberMatch1.2.15

Source	Link
pethuraj	www.pethuraj.com/blog/how-i-earned-800-for-host-header-injection-vulnerability/
github	www.github.com/microweber/microweber
blog	www.blog.jitendrapatro.me/cve-2022-33012-account-takeover-through-password-reset-poisoning/
github	www.github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Account%20Takeover

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

22 Nov 2022 14:15Current

8.7High risk

Vulners AI Score8.7

CVSS38.8

EPSS0.00538

SSVC

CWE-74