Skip to main content

Bitweaver

10 CVEs product

Monthly

CVE-2021-29033 MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/admin/edit_group.php URI. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Bitweaver
NVD GitHub
CVSS 3.1
4.8
EPSS
0.8%
CVE-2021-29032 MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/preferences.php URI. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Bitweaver
NVD GitHub
CVSS 3.1
4.8
EPSS
0.8%
CVE-2021-29031 MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/admin/users_import.php URI. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Bitweaver
NVD GitHub
CVSS 3.1
4.8
EPSS
0.9%
CVE-2021-29030 MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/admin/index.php URI. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Bitweaver
NVD GitHub
CVSS 3.1
4.8
EPSS
0.8%
CVE-2021-29029 MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/edit_personal_page.php URI. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Bitweaver
NVD GitHub
CVSS 3.1
4.8
EPSS
0.8%
CVE-2021-29028 MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/admin/user_activity.php URI. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Bitweaver
NVD GitHub
CVSS 3.1
4.8
EPSS
0.8%
CVE-2021-29027 MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/index.php URI. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Bitweaver
NVD GitHub
CVSS 3.1
4.8
EPSS
0.8%
CVE-2021-29026 MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/admin/permissions.php URI. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Bitweaver
NVD GitHub
CVSS 3.1
4.8
EPSS
0.8%
CVE-2021-29025 MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/my_images.php URI. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Bitweaver
NVD GitHub
CVSS 3.1
4.8
EPSS
0.8%
CVE-2012-5192 MEDIUM POC THREAT This Month

Directory traversal vulnerability in gmap/view_overlay.php in Bitweaver 2.8.1 and earlier allows remote attackers to read arbitrary files via "''%2F" (dot dot encoded slash) sequences in the. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 58.3%.

PHP Path Traversal Bitweaver
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
58.3%
Threat
4.2
EPSS 1% CVSS 4.8
MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/admin/edit_group.php URI. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Bitweaver
NVD GitHub
EPSS 1% CVSS 4.8
MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/preferences.php URI. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Bitweaver
NVD GitHub
EPSS 1% CVSS 4.8
MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/admin/users_import.php URI. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Bitweaver
NVD GitHub
EPSS 1% CVSS 4.8
MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/admin/index.php URI. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Bitweaver
NVD GitHub
EPSS 1% CVSS 4.8
MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/edit_personal_page.php URI. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Bitweaver
NVD GitHub
EPSS 1% CVSS 4.8
MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/admin/user_activity.php URI. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Bitweaver
NVD GitHub
EPSS 1% CVSS 4.8
MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/index.php URI. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Bitweaver
NVD GitHub
EPSS 1% CVSS 4.8
MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/admin/permissions.php URI. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Bitweaver
NVD GitHub
EPSS 1% CVSS 4.8
MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/my_images.php URI. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Bitweaver
NVD GitHub
EPSS 58% 4.2 CVSS 5.0
MEDIUM POC THREAT This Month

Directory traversal vulnerability in gmap/view_overlay.php in Bitweaver 2.8.1 and earlier allows remote attackers to read arbitrary files via "''%2F" (dot dot encoded slash) sequences in the. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 58.3%.

PHP Path Traversal Bitweaver
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy