Static Code Injection in GitHub repository microweber/microweber prior to 1.3.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HMicroweber
APPMicroweber< 1.3
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Powiązane podatności
CVE-2023-1877CRITICAL9.8ten sam produkt
Command Injection in GitHub repository microweber/microweber prior to 1.3.3.
CVE-2020-23138CRITICAL9.8ten sam produkt
An unrestricted file upload vulnerability was discovered in the Microweber 1.1.18 admin account page. An attac...
CVE-2025-60954HIGH8.3ten sam produkt
Microweber CMS 2.0 has Weak Password Requirements. The application does not enforce minimum password length or...
CVE-2025-51504HIGH7.6ten sam produkt
Microweber CMS 2.0 is vulnerable to Cross Site Scripting (XSS)in the /projects/profile, homepage endpoint via ...
CVE-2025-51503HIGH7.6ten sam produkt
A Stored Cross-Site Scripting (XSS) vulnerability in Microweber CMS 2.0 allows attackers to inject malicious s...