Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

microweber — Vulnerabilities & Security Advisories 81

Browse all 81 CVE security advisories affecting microweber. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Microweber is an open-source drag-and-drop content management system designed for website creation and e-commerce. Its architecture, built on the Laravel framework, has historically exposed it to a significant volume of security flaws, with eighty-one Common Vulnerabilities and Exposures currently recorded. The most prevalent issues involve remote code execution, cross-site scripting, and SQL injection, often stemming from insufficient input validation and improper access controls. These vulnerabilities frequently allow attackers to escalate privileges or execute arbitrary commands on the underlying server. While no single catastrophic breach has defined its public history, the sheer number of disclosed defects indicates persistent maintenance challenges. Users must prioritize rigorous patching and configuration hardening to mitigate these risks, as the software’s modular nature can inadvertently expand the attack surface if third-party extensions are not similarly secured.

Found 78 results / 81Clear Filters
Top products by microweber: microweber/microweber microweber
CVE IDTitleCVSSSeverityPublished
CVE-2023-6832 Business Logic Errors in microweber/microweber — microweber/microweberCWE-840 5.3 -2023-12-15
CVE-2023-6599 Missing Standardized Error Handling Mechanism in microweber/microweber — microweber/microweberCWE-544--2023-12-08
CVE-2023-6566 Business Logic Errors in microweber/microweber — microweber/microweberCWE-840 5.3 -2023-12-07
CVE-2023-5976 Improper Access Control in microweber/microweber — microweber/microweberCWE-284 5.3 -2023-11-07
CVE-2023-5861 Cross-site Scripting (XSS) - Stored in microweber/microweber — microweber/microweberCWE-79 4.8 -2023-10-31
CVE-2023-5318 Use of Hard-coded Credentials in microweber/microweber — microweber/microweberCWE-798 9.4 -2023-09-30
CVE-2023-5244 Cross-site Scripting (XSS) - Reflected in microweber/microweber — microweber/microweberCWE-79 6.1 -2023-09-28
CVE-2023-3142 Cross-site Scripting (XSS) - Stored in microweber/microweber — microweber/microweberCWE-79 4.8 -2023-06-07
CVE-2023-2240 Improper Privilege Management in microweber/microweber — microweber/microweberCWE-269 8.1 -2023-04-22
CVE-2023-2239 Exposure of Private Personal Information to an Unauthorized Actor in microweber/microweber — microweber/microweberCWE-359 7.5 -2023-04-22
CVE-2023-2014 Cross-site Scripting (XSS) - Generic in microweber/microweber — microweber/microweberCWE-79 4.8 -2023-04-13
CVE-2023-1881 Cross-site Scripting (XSS) - Stored in microweber/microweber — microweber/microweberCWE-79 4.8 -2023-04-05
CVE-2023-1877 Command Injection in microweber/microweber — microweber/microweberCWE-77 9.8 -2023-04-05
CVE-2023-1081 Cross-site Scripting (XSS) - Stored in microweber/microweber — microweber/microweberCWE-79 4.8 -2023-02-28
CVE-2023-0608 Cross-site Scripting (XSS) - DOM in microweber/microweber — microweber/microweberCWE-79 4.8 -2023-02-01
CVE-2022-4732 Unrestricted Upload of File with Dangerous Type in microweber/microweber — microweber/microweberCWE-434 8.7 -2022-12-24
CVE-2022-4647 Cross-site Scripting (XSS) - Stored in microweber/microweber — microweber/microweberCWE-79 4.8 -2022-12-22
CVE-2022-4617 Cross-site Scripting (XSS) - Reflected in microweber/microweber — microweber/microweberCWE-79 6.1 -2022-12-21
CVE-2022-3245 Code Injection in display of tag title on saving tags in microweber/microweber — microweber/microweberCWE-94 6.1 -2022-09-20
CVE-2022-3242 HTML code Injection in template search keyword in microweber/microweber — microweber/microweberCWE-94 7.1 -2022-09-20
CVE-2022-2777 Cross-site Scripting (XSS) - Stored in microweber/microweber — microweber/microweberCWE-79 4.8 -2022-08-11
CVE-2022-2470 Cross-site Scripting (XSS) - Reflected in microweber/microweber — microweber/microweberCWE-79 6.1 -2022-07-22
CVE-2022-2495 Cross-site Scripting (XSS) - Stored in microweber/microweber — microweber/microweberCWE-79 4.8 -2022-07-22
CVE-2022-2368 Authentication Bypass by Spoofing in microweber/microweber — microweber/microweberCWE-290 6.5 Medium2022-07-11
CVE-2022-2353 Cross-Site Request Forgery (CSRF) in microweber/microweber — microweber/microweberCWE-352 8.2 -2022-07-09
CVE-2022-2300 Cross-site Scripting (XSS) - Stored in microweber/microweber — microweber/microweberCWE-79 4.8 -2022-07-04
CVE-2022-2280 Cross-site Scripting (XSS) - Stored in microweber/microweber — microweber/microweberCWE-79 4.8 -2022-07-01
CVE-2022-2252 Open Redirect in microweber/microweber — microweber/microweberCWE-601 6.1 -2022-06-29
CVE-2022-2174 Cross-site Scripting (XSS) - Reflected in microweber/microweber — microweber/microweberCWE-79 6.1 -2022-06-22
CVE-2022-2130 Cross-site Scripting (XSS) - Reflected in microweber/microweber — microweber/microweberCWE-79 6.1 -2022-06-20

This page lists every published CVE security advisory associated with microweber. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.