CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2022-0689 – Use multiple time the one-time coupon in microweber/microweber
https://notcve.org/view.php?id=CVE-2022-0689
Use multiple time the one-time coupon in Packagist microweber/microweber prior to 1.2.11. Un uso múltiples veces del cupón de un solo uso en Packagist microweber/microweber versiones anteriores a 1.2.11 • https://github.com/microweber/microweber/commit/c3c25ae6c421bb4a65df9e0035edcc2f75594a04 https://huntr.dev/bounties/fa5dbbd3-97fe-41a9-8797-2e54d9a9c649 • CWE-840: Business Logic Errors •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-0678 – Cross-site Scripting (XSS) - Reflected in microweber/microweber
https://notcve.org/view.php?id=CVE-2022-0678
Cross-site Scripting (XSS) - Reflected in Packagist microweber/microweber prior to 1.2.11. Una vulnerabilidad de tipo Cross-site Scripting (XSS) - Reflejado en Packagist microweber/microweber antes de 1.2.11 • https://github.com/microweber/microweber/commit/2b8fa5aac31e51e2aca83c7ef5d1281ba2e755f8 https://huntr.dev/bounties/d707137a-aace-44c5-b15c-1807035716c0 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.6EPSS: 2%CPEs: 1EXPL: 1CVE-2022-0666 – CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in microweber/microweber
https://notcve.org/view.php?id=CVE-2022-0666
CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11. Una inyección de CRLF conlleva a una Exposición de Trazas de Pila debido a una falta de filtrado en https://demo.microweber.org/ en Packagist microweber/microweber versiones anteriores a 1.2.11 • https://github.com/microweber/microweber/commit/f0e338f1b7dc5ec9d99231f4ed3fa6245a5eb128 https://huntr.dev/bounties/7215afc7-9133-4749-8e8e-0569317dbd55 • CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection') •
CVSS: 9.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-0660 – Generation of Error Message Containing Sensitive Information in microweber/microweber
https://notcve.org/view.php?id=CVE-2022-0660
Generation of Error Message Containing Sensitive Information in Packagist microweber/microweber prior to 1.2.11. Una Generación de un Mensaje de Error que Contiene Información Confidencial en Packagist microweber/microweber versiones anteriores a 1.2.11 • https://github.com/microweber/microweber/commit/2417bd2eda2aa2868c1dad1abf62341f22bfc20a https://huntr.dev/bounties/01fd2e0d-b8cf-487f-a16c-7b088ef3a291 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-0638 – Cross-Site Request Forgery (CSRF) in microweber/microweber
https://notcve.org/view.php?id=CVE-2022-0638
Cross-Site Request Forgery (CSRF) in Packagist microweber/microweber prior to 1.2.11. Una vulnerabilidad de tipo Cross-Site Request Forgery (CSRF) en Packagist microweber/microweber versiones anteriores a 1.2.11 • https://github.com/microweber/microweber/commit/756096da1260f29ff6f4532234d93d8e41dd5aa8 https://huntr.dev/bounties/9d3d883c-d74c-4fe2-9978-a8e3d1ccf9f3 • CWE-352: Cross-Site Request Forgery (CSRF) •