Page 13 of 81 results (0.009 seconds)

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1

Use multiple time the one-time coupon in Packagist microweber/microweber prior to 1.2.11. Un uso múltiples veces del cupón de un solo uso en Packagist microweber/microweber versiones anteriores a 1.2.11 • https://github.com/microweber/microweber/commit/c3c25ae6c421bb4a65df9e0035edcc2f75594a04 https://huntr.dev/bounties/fa5dbbd3-97fe-41a9-8797-2e54d9a9c649 • CWE-840: Business Logic Errors •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

Cross-site Scripting (XSS) - Reflected in Packagist microweber/microweber prior to 1.2.11. Una vulnerabilidad de tipo Cross-site Scripting (XSS) - Reflejado en Packagist microweber/microweber antes de 1.2.11 • https://github.com/microweber/microweber/commit/2b8fa5aac31e51e2aca83c7ef5d1281ba2e755f8 https://huntr.dev/bounties/d707137a-aace-44c5-b15c-1807035716c0 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.6EPSS: 2%CPEs: 1EXPL: 1

CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11. Una inyección de CRLF conlleva a una Exposición de Trazas de Pila debido a una falta de filtrado en https://demo.microweber.org/ en Packagist microweber/microweber versiones anteriores a 1.2.11 • https://github.com/microweber/microweber/commit/f0e338f1b7dc5ec9d99231f4ed3fa6245a5eb128 https://huntr.dev/bounties/7215afc7-9133-4749-8e8e-0569317dbd55 • CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection') •

CVSS: 9.4EPSS: 0%CPEs: 1EXPL: 1

Generation of Error Message Containing Sensitive Information in Packagist microweber/microweber prior to 1.2.11. Una Generación de un Mensaje de Error que Contiene Información Confidencial en Packagist microweber/microweber versiones anteriores a 1.2.11 • https://github.com/microweber/microweber/commit/2417bd2eda2aa2868c1dad1abf62341f22bfc20a https://huntr.dev/bounties/01fd2e0d-b8cf-487f-a16c-7b088ef3a291 • CWE-209: Generation of Error Message Containing Sensitive Information •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Cross-Site Request Forgery (CSRF) in Packagist microweber/microweber prior to 1.2.11. Una vulnerabilidad de tipo Cross-Site Request Forgery (CSRF) en Packagist microweber/microweber versiones anteriores a 1.2.11 • https://github.com/microweber/microweber/commit/756096da1260f29ff6f4532234d93d8e41dd5aa8 https://huntr.dev/bounties/9d3d883c-d74c-4fe2-9978-a8e3d1ccf9f3 • CWE-352: Cross-Site Request Forgery (CSRF) •