71 matches found

RedhatCVE
added 2026/01/09 8:41 a.m. | 6 views

CVE-2022-0379

Cross-site Scripting XSS - Stored in Packagist microweber/microweber prior to 1.2.11...

8.1 CVSS | 5.8 AI score | 0.00342 EPSS
Exploits 1 | References 1
Cvelist
added 2023/12/15 12:0 a.m. | 11 views

CVE-2023-6832 Business Logic Errors in microweber/microweber

Business Logic Errors in GitHub repository microweber/microweber prior to 2.0...

6 CVSS | 4.9 AI score | 0.00142 EPSS
Exploits 1 | References 2
Vulnrichment
added 2023/12/15 12:0 a.m. | 10 views

CVE-2023-6832 Business Logic Errors in microweber/microweber

Business Logic Errors in GitHub repository microweber/microweber prior to 2.0...

6 CVSS | 7.1 AI score | 0.00142 EPSS
Exploits 1 | References 2
CVE
added 2023/11/07 12:0 a.m. | 47 views

CVE-2023-5976

The CVE-2023-5976 entry concerns Microweber (microweber/microweber) prior to version 2.0.0 with an improper access control flaw. Multiple connected sources identify the root cause as insufficient restrictions that allow unauthorized actions (e.g., commenting on unpublished blog content). Context ...

4.6 CVSS | 4.5 AI score | 0.0008 EPSS
Exploits 1 | References 2 | Affected Software 1
Vulnrichment
added 2023/09/28 12:0 a.m. | 12 views

CVE-2023-5244 Cross-site Scripting (XSS) - Reflected in microweber/microweber

Cross-site Scripting XSS - Reflected in GitHub repository microweber/microweber prior to 2.0...

5 CVSS | 6 AI score | 0.28933 EPSS
Exploits 0 | References 2
Cvelist
added 2023/02/01 12:0 a.m. | 9 views

CVE-2023-0608 Cross-site Scripting (XSS) - DOM in microweber/microweber

Cross-site Scripting XSS - DOM in GitHub repository microweber/microweber prior to 1.3.2...

6.3 CVSS | 5.5 AI score | 0.00453 EPSS
Exploits 1 | References 2
Cvelist
added 2022/07/22 2:24 p.m. | 18 views

CVE-2022-2470 Cross-site Scripting (XSS) - Reflected in microweber/microweber

Cross-site Scripting XSS - Reflected in GitHub repository microweber/microweber prior to 1.2.21...

6.5 CVSS | 6.2 AI score | 0.00498 EPSS
Exploits 1 | References 2
Cvelist
added 2022/07/09 12:0 a.m. | 15 views

CVE-2022-2353 Cross-Site Request Forgery (CSRF) in microweber/microweber

Prior to microweber/microweber v1.2.20, due to improper neutralization of input, an attacker can steal tokens to perform cross-site request forgery, fetch contents from same-site and redirect a user...

6.3 CVSS | 6.3 AI score | 0.00121 EPSS
Exploits 1 | References 2
Cvelist
added 2022/07/01 8:15 a.m. | 13 views

CVE-2022-2280 Cross-site Scripting (XSS) - Stored in microweber/microweber

Cross-site Scripting XSS - Stored in GitHub repository microweber/microweber prior to 1.2.19...

6.5 CVSS | 5.5 AI score | 0.00322 EPSS
Exploits 1 | References 2
Cvelist
added 2022/06/22 12:0 p.m. | 13 views

CVE-2022-2174 Cross-site Scripting (XSS) - Reflected in microweber/microweber

Cross-site Scripting XSS - Reflected in GitHub repository microweber/microweber prior to 1.2.18...

6.5 CVSS | 6.2 AI score | 0.35129 EPSS
Exploits 1 | References 2
OSV
added 2022/06/20 8:45 a.m. | 13 views

CVE-2022-2130 Cross-site Scripting (XSS) - Reflected in microweber/microweber

Cross-site Scripting XSS - Reflected in GitHub repository microweber/microweber prior to 1.2.17...

6.5 CVSS | 6.7 AI score | 0.43672 EPSS
Exploits 1 | References 4
Cvelist
added 2022/05/09 2:10 p.m. | 11 views

CVE-2022-1631 Users Account Pre-Takeover or Users Account Takeover. in microweber/microweber

Users Account Pre-Takeover or Users Account Takeover. in GitHub repository microweber/microweber prior to 1.2.15. Victim Account Take Over. Since, there is no email confirmation, an attacker can easily create an account in the application using the Victim’s Email. This allows an attacker to gain...

6.8 CVSS | 9.1 AI score | 0.11741 EPSS
Exploits 4 | References 3
Cvelist
added 2022/05/04 5:0 p.m. | 12 views

CVE-2022-1584 Reflected XSS in microweber/microweber

Reflected XSS in GitHub repository microweber/microweber prior to 1.2.16. Executing JavaScript as the victim...

6.3 CVSS | 6.2 AI score | 0.00321 EPSS
Exploits 1 | References 2
Prion
added 2022/04/27 11:15 a.m. | 9 views

Cross site scripting

XSS in /demo/module/?module=HERE in GitHub repository microweber/microweber prior to 1.2.15. Typical impact of XSS attacks...

4.3 CVSS | 6 AI score | 0.00345 EPSS
Exploits 1 | References 2 | Affected Software 1
Cvelist
added 2022/04/27 10:35 a.m. | 12 views

CVE-2022-1504 XSS in /demo/module/?module=HERE in microweber/microweber

XSS in /demo/module/?module=HERE in GitHub repository microweber/microweber prior to 1.2.15. Typical impact of XSS attacks...

6.3 CVSS | 6.2 AI score | 0.00345 EPSS
Exploits 1 | References 2
NVD
added 2022/04/22 5:15 p.m. | 13 views

CVE-2022-1439

Reflected XSS on demo.microweber.org/demo/module/ in GitHub repository microweber/microweber prior to 1.2.15. Execute Arbitrary JavaScript as the attacked user. It's the only payload I found working, you might need to press "tab" but there is probably a payload that runs without user interaction...

6.3 CVSS | 0.43794 EPSS
Exploits 1 | References 2
OSV
added 2022/04/22 4:30 p.m. | 16 views

CVE-2022-1439 Reflected XSS on demo.microweber.org/demo/module/ in microweber/microweber

Reflected XSS on demo.microweber.org/demo/module/ in GitHub repository microweber/microweber prior to 1.2.15. Execute Arbitrary JavaScript as the attacked user. It's the only payload I found working, you might need to press "tab" but there is probably a payload that runs without user interaction...

6.3 CVSS | 6.2 AI score | 0.43794 EPSS
Exploits 1 | References 4
Cvelist
added 2022/04/22 4:30 p.m. | 12 views

CVE-2022-1439 Reflected XSS on demo.microweber.org/demo/module/ in microweber/microweber

Reflected XSS on demo.microweber.org/demo/module/ in GitHub repository microweber/microweber prior to 1.2.15. Execute Arbitrary JavaScript as the attacked user. It's the only payload I found working, you might need to press "tab" but there is probably a payload that runs without user interaction...

6.3 CVSS | 6.2 AI score | 0.43794 EPSS
Exploits 1 | References 2
OSV
added 2022/03/15 11:40 a.m. | 10 views

CVE-2022-0954 Multiple Stored Cross-site Scripting (XSS) Vulnerabilities in Shop's Other Settings, Shop's Autorespond E-mail Settings and Shops' Payments Methods in microweber/microweber

Multiple Stored Cross-site Scripting XSS Vulnerabilities in Shop's Other Settings, Shop's Autorespond E-mail Settings and Shops' Payments Methods in GitHub repository microweber/microweber prior to 1.2.11...

6.8 CVSS | 6.1 AI score | 0.04258 EPSS
Exploits 1 | References 4
Cvelist
added 2022/03/12 1:20 p.m. | 9 views

CVE-2022-0930 File upload filter bypass leading to stored XSS in microweber/microweber

File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12...

8 CVSS | 5.2 AI score | 0.00496 EPSS
Exploits 1 | References 2