5 matches found
EUVD-2024-55342
Microweber 2.0.15 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts into user profile fields. Attackers can input script payloads in the first name field that will execute when the profile is viewed by other users, potentially...
Microweber Reflected Cross-site scripting (XSS) vulnerability
A Reflected Cross-site scripting XSS vulnerability exists in '/search' in microweber 2.0.15 and earlier allowing unauthenticated remote attackers to inject arbitrary web script or HTML via the 'keywords' parameter...
CVE-2024-40101
A Reflected Cross-site scripting XSS vulnerability exists in '/search' in microweber 2.0.15 and earlier allowing unauthenticated remote attackers to inject arbitrary web script or HTML via the 'keywords' parameter...
CVE-2024-40101
A Reflected Cross-site scripting XSS vulnerability exists in '/search' in microweber 2.0.15 and earlier allowing unauthenticated remote attackers to inject arbitrary web script or HTML via the 'keywords' parameter...
Microweber 2.0.15 Cross Site Scripting
Exploit Title: Microweber =v2.0.15 - Reflected Cross-Site Scripting XSS Date: 16.07.2024 Exploit Author: Prerak Mittal Vendor Homepage: https://microweber.org/ Software Link: https://github.com/microweber/microweber/releases/tag/v2.0.15 Version: =v2.0.15 Tested on: Ubuntu 22.04 CVE : CVE-2024-401...