CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-0638 – Cross-Site Request Forgery (CSRF) in microweber/microweber
https://notcve.org/view.php?id=CVE-2022-0638
Cross-Site Request Forgery (CSRF) in Packagist microweber/microweber prior to 1.2.11. Una vulnerabilidad de tipo Cross-Site Request Forgery (CSRF) en Packagist microweber/microweber versiones anteriores a 1.2.11 • https://github.com/microweber/microweber/commit/756096da1260f29ff6f4532234d93d8e41dd5aa8 https://huntr.dev/bounties/9d3d883c-d74c-4fe2-9978-a8e3d1ccf9f3 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-0597 – Open Redirect in microweber/microweber
https://notcve.org/view.php?id=CVE-2022-0597
Open Redirect in Packagist microweber/microweber prior to 1.2.11. Un Redireccionamiento Abierto en Packagist microweber/microweber versiones anteriores a 1.2.11 • https://github.com/microweber/microweber/commit/acfc6a581d1ea86096d1b0ecd8a0eec927c0e9b2 https://huntr.dev/bounties/68c22eab-cc69-4e9f-bcb6-2df3db626813 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-0596 – Improper Validation of Specified Quantity in Input in microweber/microweber
https://notcve.org/view.php?id=CVE-2022-0596
Improper Validation of Specified Quantity in Input in Packagist microweber/microweber prior to 1.2.11. Unos Errores de Lógica de Negocio en Packagist microweber/microweber versiones anteriores a 1.2.11 • https://github.com/microweber/microweber/commit/91a9d899741557c75050614ff7adb8c0e3feb005 https://huntr.dev/bounties/f68b994e-2b8b-49f5-af2a-8cd99e8048a5 • CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-0560 – Open Redirect in microweber/microweber
https://notcve.org/view.php?id=CVE-2022-0560
Open Redirect in Packagist microweber/microweber prior to 1.2.11. Un Redireccionamiento abierto en Packagist microweber/microweber versiones anteriores a 1.2.11 • https://github.com/microweber/microweber/commit/72d4b12cc487f56a859a8570ada4efb77b4b8c63 https://huntr.dev/bounties/c9d586e7-0fa1-47ab-a2b3-b890e8dc9b25 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 9.0EPSS: 4%CPEs: 1EXPL: 3CVE-2022-0557 – OS Command Injection in microweber/microweber
https://notcve.org/view.php?id=CVE-2022-0557
OS Command Injection in Packagist microweber/microweber prior to 1.2.11. Una Inyección de Comandos del Sistema Operativo en Packagist microweber/microweber versiones anteriores a 1.2.11 Microweber version 1.2.11 suffers from a remote shell upload vulnerability. • https://www.exploit-db.com/exploits/50768 http://packetstormsecurity.com/files/166077/Microweber-1.2.11-Shell-Upload.html https://github.com/microweber/microweber/commit/0a7e5f1d81de884861ca677ee1aaac31f188d632 https://huntr.dev/bounties/660c89af-2de5-41bc-aada-9e4e78142db8 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •