5 matches found
Xss vulnerability in Button module
Steps 1.Visit https://demo.microweber.org 2.Click option 'Modules' in the left list 3.Click and go into the 'Button' 4.Click the 'edit url' and Enter the following javascript alert1 Proof of Concept Video javascript https://1drv.ms/v/s!Ai0UEGpMIb9scRgdvmX1sBCQu4A...
html injection on https://demo.microweber.org/demo/search.php?keywords=
Description hello team, I found an HTML injection on https://demo.microweber.org/demo/search.php?keywords= Proof of Concept https://demo.microweber.org/demo/search.php?keywords=ABC%3Cdiv%20style=%22%3E%3Cmarquee%3E%3Ch1%3Eyou%20are%20been%20hacked%20%3C/h1%3E%3C/marquee%3E...
GHSA-9W7H-3WWH-6M5Q Cross-site Scripting in Microweber
Microweber prior to 1.2.15 is vulnerable to reflected cross-site scripting on demo.microweber.org/demo/module/. This allows the execution of arbitrary JavaScript as the attacked user...
CVE-2022-1439
CVE-2022-1439 is a documented reflected cross-site scripting vulnerability affecting Microweber prior to version 1.2.15, where an attacker could execute arbitrary JavaScript in the context of the victim’s browser on the vulnerable page (demo.microweber.org/demo/module/). Multiple connected source...
CVE-2022-0666 CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in microweber/microweber
CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11...