Shodan
Vulnerabilities
Vulnerable Software
Microweber:  >> Microweber  >> 1.1.3  Security Vulnerabilities
CVE-2022-1439
Reflected XSS on demo.microweber.org/demo/module/ in GitHub repository microweber/microweber prior to 1.2.15. Execute Arbitrary JavaScript as the attacked user. It's the only payload I found working, you might need to press "tab" but there is probably a paylaod that runs without user interaction.
CVSS Score
6.3
EPSS Score
0.383
Published
2022-04-22
CVE-2022-1036
Able to create an account with long password leads to memory corruption / Integer Overflow in GitHub repository microweber/microweber prior to 1.2.12.
CVSS Score
5.3
EPSS Score
0.007
Published
2022-03-22
CVE-2022-0968
The microweber application allows large characters to insert in the input field "fist & last name" which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request. in microweber/microweber in GitHub repository microweber/microweber prior to 1.2.12.
CVSS Score
7.2
EPSS Score
0.011
Published
2022-03-15
CVE-2022-0963
Unrestricted XML Files Leads to Stored XSS in GitHub repository microweber/microweber prior to 1.2.12.
CVSS Score
5.7
EPSS Score
0.046
Published
2022-03-15
CVE-2022-0961
The microweber application allows large characters to insert in the input field "post title" which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request. in GitHub repository microweber/microweber prior to 1.2.12.
CVSS Score
7.1
EPSS Score
0.018
Published
2022-03-15
CVE-2022-0954
Multiple Stored Cross-site Scripting (XSS) Vulnerabilities in Shop's Other Settings, Shop's Autorespond E-mail Settings and Shops' Payments Methods in GitHub repository microweber/microweber prior to 1.2.11.
CVSS Score
6.8
EPSS Score
0.058
Published
2022-03-15
CVE-2022-0930
File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12.
CVSS Score
8.0
EPSS Score
0.005
Published
2022-03-12
CVE-2022-0929
XSS on dynamic_text module in GitHub repository microweber/microweber prior to 1.2.11.
CVSS Score
6.8
EPSS Score
0.005
Published
2022-03-12
CVE-2022-0926
File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12.
CVSS Score
7.1
EPSS Score
0.003
Published
2022-03-12
CVE-2022-0921
Abusing Backup/Restore feature to achieve Remote Code Execution in GitHub repository microweber/microweber prior to 1.2.12.
CVSS Score
7.2
EPSS Score
0.061
Published
2022-03-11


Products
Pricing
Contact Us

Shodan ® - All rights reserved