Vulnerabilities in microweber
81 resultsCVE-2022-0557HIGHOS Command Injection in microweber/microweberEPSS 51.2%CVE-2022-0666HIGHCRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in microweber/microweberEPSS 44.3%CVE-2022-4732MEDIUMUnrestricted Upload of File with Dangerous Type in microweber/microweberEPSS 38.2%CVE-2022-0281HIGHExposure of Sensitive Information to an Unauthorized Actor in microweber/microweberEPSS 12.0%CVE-2022-1631MEDIUMUsers Account Pre-Takeover or Users Account Takeover. in microweber/microweberEPSS 8.8%CVE-2022-0660CRITICALGeneration of Error Message Containing Sensitive Information in microweber/microweberEPSS 6.9%CVE-2022-0378HIGHCross-site Scripting (XSS) - Reflected in microweber/microweberEPSS 3.9%CVE-2022-0968HIGHThe microweber application allows large characters to insert in the input field "fist & last name" which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request. in microweber/microweber in microweber/microweberEPSS 3.7%CVE-2022-1439MEDIUMReflected XSS on demo.microweber.org/demo/module/ in microweber/microweberEPSS 3.2%CVE-2022-0954MEDIUMMultiple Stored Cross-site Scripting (XSS) Vulnerabilities in Shop's Other Settings, Shop's Autorespond E-mail Settings and Shops' Payments Methods in microweber/microweberEPSS 3.2%CVE-2022-0597MEDIUMOpen Redirect in microweber/microweberEPSS 3.0%CVE-2022-2130MEDIUMCross-site Scripting (XSS) - Reflected in microweber/microweberEPSS 2.9%CVE-2022-2174MEDIUMCross-site Scripting (XSS) - Reflected in microweber/microweberEPSS 2.8%CVE-2022-0928MEDIUMCross-site Scripting (XSS) - Stored in microweber/microweberEPSS 2.4%CVE-2022-0678MEDIUMCross-site Scripting (XSS) - Reflected in microweber/microweberEPSS 2.3%CVE-2022-0921HIGHAbusing Backup/Restore feature to achieve Remote Code Execution in microweber/microweberEPSS 2.1%CVE-2022-0963MEDIUMUnrestricted XML Files Leads to Stored XSS in microweber/microweberEPSS 1.9%CVE-2023-1877MEDIUMCommand Injection in microweber/microweberEPSS 1.8%CVE-2022-0895HIGHStatic Code Injection in microweber/microweberEPSS 1.7%CVE-2022-0282MEDIUMCross-site Scripting in microweber/microweberEPSS 1.6%