CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

65 matches found

NVD•added 2026/02/05 5:16 p.m.•2 views

CVE-2025-70792

Cross Site Scripting vulnerability in the "/admin/category/create" endpoint of Microweber 2.0.19. An attacker can manipulate the "relid" parameter in a crafted URL and lure a user with admin privileges into visiting it, achieving JavaScript code execution in the victim's browser. The issue was...

6.1CVSS0.0002EPSS

Exploits1References2

RedhatCVE•added 2026/01/09 9:12 a.m.•6 views

CVE-2022-0912

Unrestricted Upload of File with Dangerous Type in GitHub repository microweber/microweber prior to 1.2.11...

4.8CVSS6.8AI score0.00195EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 8:41 a.m.•5 views

CVE-2022-0961

The microweber application allows large characters to insert in the input field "post title" which can allow attackers to cause a Denial of Service DoS via a crafted HTTP request. in GitHub repository microweber/microweber prior to 1.2.12...

7.1CVSS6.5AI score0.01843EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 8:41 a.m.•5 views

CVE-2022-0930

File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12...

8CVSS5.8AI score0.00496EPSS

Exploits1References1

CVE•added 2025/12/11 9:34 p.m.•2 views

CVE-2024-58289

CVE-2024-58289 describes a stored cross-site scripting (XSS) in Microweber 2.0.15, where an authenticated attacker can inject script payloads into user profile fields (notably the First Name) that execute when other users view the profile. Multiple connected sources confirm the vulnerability and ...

5.4CVSS5.8AI score0.00045EPSS

Exploits1References4Affected Software1

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-23063

Malware in sbrugna...

8.8CVSS8.6AI score0.00354EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2013-5814

Malware in sbrugna...

6.4CVSS6.3AI score0.01122EPSS

Exploits2References5

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-1573

Malicious code in bioql PyPI...

9.8CVSS7.7AI score0.01204EPSS

Exploits1References4

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-3258

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00332EPSS

Exploits1References4

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-1048

Malicious code in bioql PyPI...

7.6CVSS6.5AI score0.00384EPSS

Exploits1References4

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-1446

Malicious code in bioql PyPI...

7.1CVSS6.2AI score0.01843EPSS

Exploits1References4

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-5825

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.00398EPSS

Exploits1References6

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-1365

Malicious code in bioql PyPI...

7.5CVSS7.4AI score0.00509EPSS

Exploits1References4

Veracode•added 2025/08/20 11:3 a.m.•1 views

Cross-site Scripting (XSS)

microweber/microweber is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper input sanitization due to malicious scripts being injected into user profile fields, which execute in admin browsers...

7.6CVSS6.5AI score0.0052EPSS

Exploits1References5Affected Software1

Veracode•added 2025/08/20 6:34 a.m.•1 views

Reflected Cross Site Scripting (XSS)

microweber/microweber is vulnerable to Reflected Cross-Site Scripting XSS. The vulnerability is due to improper validation of the layout parameter on the /admin/page/create page, which allows arbitrary JavaScript execution in the context of authenticated admin users...

6.1CVSS6.5AI score0.00218EPSS

Exploits1References5Affected Software1

RedhatCVE•added 2025/05/23 10:24 a.m.•5 views

CVE-2024-40101

A Reflected Cross-site scripting XSS vulnerability exists in '/search' in microweber 2.0.15 and earlier allowing unauthenticated remote attackers to inject arbitrary web script or HTML via the 'keywords' parameter...

7.2CVSS5.9AI score0.0115EPSS

RedhatCVE•added 2025/05/23 7:56 a.m.•3 views

CVE-2024-33297

Cross Site Scripting vulnerability in Microweber v.2.0.9 allows a remote attacker to execute arbitrary code via the campaign Name Internal Name field in the Add new campaign function...

4.7CVSS7.2AI score0.01414EPSS

Exploits4References1

RedhatCVE•added 2025/05/23 7:1 a.m.•4 views

CVE-2024-33298

Microweber Cross Site Scripting vulnerability in Microweber v.2.0.9 allows a remote attacker to execute arbitrary code via the create new backup function in the endpoint /admin/module/view?type=adminbackup...

6.1CVSS7.2AI score0.01761EPSS

Exploits4References1

RedhatCVE•added 2025/05/23 1:46 a.m.•4 views

CVE-2023-48122

An issue in microweber v.2.0.1 and fixed in v.2.0.4 allows a remote attacker to obtain sensitive information via the HTTP GET method...

7.5CVSS6.4AI score0.00332EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 12:50 a.m.•4 views

CVE-2022-2368

Authentication Bypass by Spoofing in GitHub repository microweber/microweber prior to 1.2.20...

9.8CVSS7.8AI score0.00121EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by