CVSS: 6.1EPSS: 1%CPEs: 1EXPL: 1CVE-2022-3242 – HTML code Injection in template search keyword in microweber/microweber
https://notcve.org/view.php?id=CVE-2022-3242
Code Injection in GitHub repository microweber/microweber prior to 1.3.2. Una Inyección de código en el repositorio de GitHub microweber/microweber versiones anteriores a 1.3.2 • https://github.com/microweber/microweber/commit/68f0721571653db865a5fa01c7986642c82e919c https://huntr.dev/bounties/3e6b218a-a5a6-40d9-9f7e-5ab0c6214faf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.6EPSS: 0%CPEs: 1EXPL: 1CVE-2022-2777 – Cross-site Scripting (XSS) - Stored in microweber/microweber
https://notcve.org/view.php?id=CVE-2022-2777
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.1. Una vulnerabilidad de tipo Cross-site Scripting (XSS) - Almacenado en el repositorio GitHub microweber/microweber versiones anteriores a 1.3.1 • https://github.com/microweber/microweber/commit/60eef7494211d1c458228c321e986edeaa401a58 https://huntr.dev/bounties/13dd2f4d-0c7f-483e-a771-e1ed2ff1c36f • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-2470 – Cross-site Scripting (XSS) - Reflected in microweber/microweber
https://notcve.org/view.php?id=CVE-2022-2470
Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.2.21. Una vulnerabilidad de tipo Cross-site Scripting (XSS) - Reflejado en el repositorio de GitHub microweber/microweber versiones anteriores a 1.2.21 • https://github.com/microweber/microweber/commit/d28655183800b833abb20ccd55e1628f16ff65e4 https://huntr.dev/bounties/3f1f679c-c243-431c-8ed0-e61543b9921b • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-2495 – Cross-site Scripting (XSS) - Stored in microweber/microweber
https://notcve.org/view.php?id=CVE-2022-2495
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.2.21. Una vulnerabilidad de tipo Cross-site Scripting (XSS) - Almacenado en el repositorio de GitHub microweber/microweber versiones anteriores a 1.2.21 • https://github.com/microweber/microweber/commit/d35e691e72d358430abc8e99f5ba9eb374423b9f https://huntr.dev/bounties/00affb69-275d-4f4c-b419-437922bc7798 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-2368 – Authentication Bypass by Spoofing in microweber/microweber
https://notcve.org/view.php?id=CVE-2022-2368
Authentication Bypass by Spoofing in GitHub repository microweber/microweber prior to 1.2.20. Unos Errores de Lógica de Negocio en el repositorio de GitHub microweber/microweber versiones anteriores a 1.2.20 • https://github.com/microweber/microweber/commit/53c000ccd5602536e28b15d9630eb8261b04a302 https://huntr.dev/bounties/a9595eda-a5e0-4717-8d64-b445ef83f452 • CWE-290: Authentication Bypass by Spoofing •