microweber/microweber Security Advisories for v1.3.2 (16)
-
[MEDIUM] Business Logic Errors in microweber/microweber
PKSA-y5qg-3krh-f9b5 CVE-2023-6832 GHSA-qjfx-fvx7-3wvw
Affected version: <2.0.0
Reported by:
GitHub -
[LOW] Microweber missing standardized error handling mechanism
PKSA-3c1q-3392-wkmp CVE-2023-6599 GHSA-9r6p-hg4g-5gxp
Affected version: <2.0.0
Reported by:
GitHub -
[MEDIUM] Microweber file upload vulnerability
PKSA-xs75-x9v8-bkhn CVE-2023-49052 GHSA-2c7x-w3mx-h7p6
Affected version: <=2.0.4
Reported by:
GitHub -
[MEDIUM] Microweber Improper Access Control vulnerability
PKSA-74rd-c6sw-mfrp CVE-2023-5976 GHSA-q57g-38pc-jwv8
Affected version: <2.0.0
Reported by:
GitHub -
[MEDIUM] Microweber Cross-site Scripting vulnerability
PKSA-n7r8-zpqq-jfjd CVE-2023-47379 GHSA-jmwm-w2rm-prv9
Affected version: <2.0.3
Reported by:
GitHub -
[MEDIUM] Cross-site Scripting (XSS) in microweber/microweber
PKSA-md65-d7tx-bbhf CVE-2023-5861 GHSA-7q5f-29gx-57ff
Affected version: <2.0.0
Reported by:
GitHub -
[MEDIUM] Microweber uses hard coded credentials
PKSA-m9c6-mgh7-jfgc CVE-2023-5318 GHSA-r657-3wqh-g2x9
Affected version: <=1.3.4
Reported by:
GitHub -
[MEDIUM] Microweber Cross-site Scripting vulnerability
PKSA-z3vy-k1wh-bn3g CVE-2023-5244 GHSA-rgf9-j7gv-rq22
Affected version: <=1.3.4
Reported by:
GitHub -
[MEDIUM] Microweber Business Logic Errors
PKSA-xhwv-tsn6-jm7k CVE-2023-6566 GHSA-3rpx-pgmf-j96h
Affected version: <2.0.0
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[MEDIUM] Microweber Cross-site Scripting vulnerability
PKSA-zb2q-hcnk-cg6k CVE-2023-3142 GHSA-fqcv-rfp6-wv92
Affected version: <=1.3.4
Reported by:
GitHub -
[MEDIUM] Information exposure in microweber
PKSA-279x-12x2-x9t1 CVE-2023-2239 GHSA-h83h-77x2-6w6g
Affected version: <1.3.4
Reported by:
GitHub -
[HIGH] Improper Privilege Management in microweber
PKSA-885q-z461-7kxw CVE-2023-2240 GHSA-r6xq-xcxc-fghx
Affected version: <1.3.4
Reported by:
GitHub -
[MEDIUM] Microweber vulnerable to cross-site scripting (XSS)
PKSA-p47h-qx4x-x2bz CVE-2023-2014 GHSA-f4g6-c47x-qhww
Affected version: <1.3.3
Reported by:
GitHub -
[HIGH] Microweber vulnerable to stored cross-site scripting (XSS) via X-Forwarded-For header
PKSA-9pmn-8hgp-hp7r CVE-2023-1881 GHSA-hhjm-mpmf-cxg9
Affected version: <1.3.3
Reported by:
GitHub -
[MEDIUM] Microweber vulnerable to command injection
PKSA-qrb8-d4vh-dh64 CVE-2023-1877 GHSA-582p-2fpg-x226
Affected version: <1.3.3
Reported by:
GitHub -
[MEDIUM] Microweber Cross-site Scripting vulnerability
PKSA-gn5q-m2z9-rj2j CVE-2023-1081 GHSA-c2rc-8m9f-g4fh
Affected version: <=1.3.2
Reported by:
GitHub