31 matches found
CVE-2022-0906
Unrestricted file upload leads to stored XSS in GitHub repository microweber/microweber prior to 1.1.12...
CVE-2022-0763
Cross-site Scripting XSS - Stored in GitHub repository microweber/microweber prior to 1.3...
CVE-2022-0724
Insecure Storage of Sensitive Information in GitHub repository microweber/microweber prior to 1.3...
CVE-2022-0723
Cross-site Scripting XSS - Reflected in GitHub repository microweber/microweber prior to 1.2.11...
CVE-2022-0895
Static Code Injection in GitHub repository microweber/microweber prior to 1.3...
EUVD-2023-0763
Malicious code in bioql PyPI...
EUVD-2022-1292
Malicious code in bioql PyPI...
EUVD-2022-1374
Malicious code in bioql PyPI...
EUVD-2022-1657
Malicious code in bioql PyPI...
CVE-2023-5861
Cross-site Scripting XSS - Stored in GitHub repository microweber/microweber prior to 2.0...
CVE-2023-2239
Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository microweber/microweber prior to 1.3.4...
CVE-2022-1439
Reflected XSS on demo.microweber.org/demo/module/ in GitHub repository microweber/microweber prior to 1.2.15. Execute Arbitrary JavaScript as the attacked user. It's the only payload I found working, you might need to press "tab" but there is probably a paylaod that runs without user interaction...
CVE-2022-4617
Cross-site Scripting XSS - Reflected in GitHub repository microweber/microweber prior to 1.3.2...
CVE-2022-2280
Cross-site Scripting XSS - Stored in GitHub repository microweber/microweber prior to 1.2.19...
CVE-2022-2174
Cross-site Scripting XSS - Reflected in GitHub repository microweber/microweber prior to 1.2.18...
CVE-2022-2470
Cross-site Scripting XSS - Reflected in GitHub repository microweber/microweber prior to 1.2.21...
CVE-2023-3142 Cross-site Scripting (XSS) - Stored in microweber/microweber
Cross-site Scripting XSS - Stored in GitHub repository microweber/microweber prior to 2.0...
CVE-2023-2240 Improper Privilege Management in microweber/microweber
Improper Privilege Management in GitHub repository microweber/microweber prior to 1.3.4...
CVE-2023-2014 Cross-site Scripting (XSS) - Generic in microweber/microweber
Cross-site Scripting XSS - Generic in GitHub repository microweber/microweber prior to 1.3.3...
CVE-2023-1881
Cross-site Scripting XSS - Stored in GitHub repository microweber/microweber prior to 1.3.3...