Skip to main content

Microweber

94 CVEs product

Monthly

CVE-2018-1000826 PHP MEDIUM POC PATCH This Month

Microweber version <= 1.0.7 contains a Cross Site Scripting (XSS) vulnerability in Admin login form template that can result in Execution of JavaScript code. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Microweber
NVD GitHub
CVSS 3.0
6.1
EPSS
1.3%
CVE-2018-17104 HIGH POC PATCH This Week

An issue was discovered in Microweber 1.0.7. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Microweber
NVD GitHub
CVSS 3.0
8.8
EPSS
0.8%
CVE-2014-9464 HIGH POC This Week

SQL injection vulnerability in Category.php in Microweber CMS 0.95 before 20141209 allows remote attackers to execute arbitrary SQL commands via the category parameter when displaying a category,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Microweber
NVD GitHub Exploit-DB
CVSS 2.0
7.5
EPSS
2.1%
CVE-2013-5984 MEDIUM POC PATCH This Month

Directory traversal vulnerability in userfiles/modules/admin/backup/delete.php in Microweber before 0.830 allows remote attackers to delete arbitrary files via a .. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Path Traversal PHP Microweber
NVD GitHub
CVSS 2.0
6.4
EPSS
1.1%
EPSS 1% CVSS 6.1
MEDIUM POC PATCH This Month

Microweber version <= 1.0.7 contains a Cross Site Scripting (XSS) vulnerability in Admin login form template that can result in Execution of JavaScript code. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Microweber
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC PATCH This Week

An issue was discovered in Microweber 1.0.7. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Microweber
NVD GitHub
EPSS 2% CVSS 7.5
HIGH POC This Week

SQL injection vulnerability in Category.php in Microweber CMS 0.95 before 20141209 allows remote attackers to execute arbitrary SQL commands via the category parameter when displaying a category,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Microweber
NVD GitHub Exploit-DB
EPSS 1% CVSS 6.4
MEDIUM POC PATCH This Month

Directory traversal vulnerability in userfiles/modules/admin/backup/delete.php in Microweber before 0.830 allows remote attackers to delete arbitrary files via a .. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Path Traversal PHP Microweber
NVD GitHub
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy