microweber/microweber Security Advisories for v1.3.3 (12)
-
[MEDIUM] Business Logic Errors in microweber/microweber
PKSA-y5qg-3krh-f9b5 CVE-2023-6832 GHSA-qjfx-fvx7-3wvw
Affected version: <2.0.0
Reported by:
GitHub -
[LOW] Microweber missing standardized error handling mechanism
PKSA-3c1q-3392-wkmp CVE-2023-6599 GHSA-9r6p-hg4g-5gxp
Affected version: <2.0.0
Reported by:
GitHub -
[MEDIUM] Microweber file upload vulnerability
PKSA-xs75-x9v8-bkhn CVE-2023-49052 GHSA-2c7x-w3mx-h7p6
Affected version: <=2.0.4
Reported by:
GitHub -
[MEDIUM] Microweber Improper Access Control vulnerability
PKSA-74rd-c6sw-mfrp CVE-2023-5976 GHSA-q57g-38pc-jwv8
Affected version: <2.0.0
Reported by:
GitHub -
[MEDIUM] Microweber Cross-site Scripting vulnerability
PKSA-n7r8-zpqq-jfjd CVE-2023-47379 GHSA-jmwm-w2rm-prv9
Affected version: <2.0.3
Reported by:
GitHub -
[MEDIUM] Cross-site Scripting (XSS) in microweber/microweber
PKSA-md65-d7tx-bbhf CVE-2023-5861 GHSA-7q5f-29gx-57ff
Affected version: <2.0.0
Reported by:
GitHub -
[MEDIUM] Microweber uses hard coded credentials
PKSA-m9c6-mgh7-jfgc CVE-2023-5318 GHSA-r657-3wqh-g2x9
Affected version: <=1.3.4
Reported by:
GitHub -
[MEDIUM] Microweber Cross-site Scripting vulnerability
PKSA-z3vy-k1wh-bn3g CVE-2023-5244 GHSA-rgf9-j7gv-rq22
Affected version: <=1.3.4
Reported by:
GitHub -
[MEDIUM] Microweber Business Logic Errors
PKSA-xhwv-tsn6-jm7k CVE-2023-6566 GHSA-3rpx-pgmf-j96h
Affected version: <2.0.0
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[MEDIUM] Microweber Cross-site Scripting vulnerability
PKSA-zb2q-hcnk-cg6k CVE-2023-3142 GHSA-fqcv-rfp6-wv92
Affected version: <=1.3.4
Reported by:
GitHub -
[MEDIUM] Information exposure in microweber
PKSA-279x-12x2-x9t1 CVE-2023-2239 GHSA-h83h-77x2-6w6g
Affected version: <1.3.4
Reported by:
GitHub -
[HIGH] Improper Privilege Management in microweber
PKSA-885q-z461-7kxw CVE-2023-2240 GHSA-r6xq-xcxc-fghx
Affected version: <1.3.4
Reported by:
GitHub