Microweber: Security Vulnerabilities
Unrestricted file upload leads to stored XSS in GitHub repository microweber/microweber prior to 1.1.12.
CVSS Score
4.3
EPSS Score
0.002
Published
2022-03-10
Static Code Injection in GitHub repository microweber/microweber prior to 1.3.
CVSS Score
7.7
EPSS Score
0.012
Published
2022-03-10
Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository microweber/microweber prior to 1.3.
CVSS Score
7.1
EPSS Score
0.01
Published
2022-03-09
Improper Resolution of Path Equivalence in GitHub repository microweber-dev/whmcs_plugin prior to 0.0.4.
CVSS Score
7.4
EPSS Score
0.006
Published
2022-03-04
Weak Password Recovery Mechanism for Forgotten Password in GitHub repository microweber/microweber prior to 1.3.
CVSS Score
7.3
EPSS Score
0.005
Published
2022-03-01
Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.2.11.
CVSS Score
8.0
EPSS Score
0.004
Published
2022-02-26
Incorrect Authorization in GitHub repository microweber/microweber prior to 1.3.
CVSS Score
5.5
EPSS Score
0.002
Published
2022-02-26
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.
CVSS Score
4.3
EPSS Score
0.002
Published
2022-02-26
Insertion of Sensitive Information Into Debugging Code in GitHub repository microweber/microweber prior to 1.3.
CVSS Score
8.8
EPSS Score
0.004
Published
2022-02-23
Insecure Storage of Sensitive Information in GitHub repository microweber/microweber prior to 1.3.
CVSS Score
9.1
EPSS Score
0.005
Published
2022-02-23