Bitweaver@3.1.0 Security Vulnerabilities and Issues — Bitweaver@3.1.0 CVE List

Lucene search

BitweaverBitweaver3.1.0

9 matches found

CVE•added 2021/03/24 1:15 p.m.•34 views

CVE-2021-29030

A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/admin/index.php URI.

4.8CVSS4.9AI score0.00162EPSS

CVE•added 2021/03/24 1:15 p.m.•33 views

CVE-2021-29027

A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/index.php URI.

4.8CVSS4.9AI score0.00184EPSS

CVE•added 2021/03/24 1:15 p.m.•32 views

CVE-2021-29026

A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/admin/permissions.php URI.

4.8CVSS4.9AI score0.00146EPSS

CVE•added 2021/03/24 1:15 p.m.•31 views

CVE-2021-29031

A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/admin/users_import.php URI.

4.8CVSS4.9AI score0.00162EPSS

CVE•added 2021/03/24 1:15 p.m.•29 views

CVE-2021-29029

A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/edit_personal_page.php URI.

4.8CVSS4.9AI score0.00184EPSS

CVE•added 2021/03/24 1:15 p.m.•27 views

CVE-2021-29025

A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/my_images.php URI.

4.8CVSS4.9AI score0.00184EPSS

CVE•added 2021/03/24 1:15 p.m.•27 views

CVE-2021-29032

A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/preferences.php URI.

4.8CVSS4.9AI score0.00162EPSS

CVE•added 2021/03/24 1:15 p.m.•27 views

CVE-2021-29033

A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/admin/edit_group.php URI.

4.8CVSS4.9AI score0.00184EPSS

CVE•added 2021/03/24 1:15 p.m.•26 views

CVE-2021-29028

A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/admin/user_activity.php URI.

4.8CVSS4.9AI score0.00162EPSS