Bozhidar Slaveykov

37 exploits Active since Jan 2022
CVE-2022-0921 WRITEUP MEDIUM WRITEUP
Microweber < 1.2.12 - Code Injection
Abusing Backup/Restore feature to achieve Remote Code Execution in GitHub repository microweber/microweber prior to 1.2.12.
CVSS 6.7
CVE-2022-0926 WRITEUP MEDIUM WRITEUP
Microweber < 1.2.12 - XSS
File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12.
CVSS 4.8
CVE-2022-0928 WRITEUP MEDIUM WRITEUP
Microweber < 1.2.11 - XSS
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.2.12.
CVSS 5.4
CVE-2022-0929 WRITEUP MEDIUM WRITEUP
Microweber < 1.2.11 - XSS
XSS on dynamic_text module in GitHub repository microweber/microweber prior to 1.2.11.
CVSS 6.1
CVE-2022-0930 WRITEUP MEDIUM WRITEUP
Microweber < 1.2.12 - XSS
File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12.
CVSS 4.8
CVE-2022-0954 WRITEUP MEDIUM WRITEUP
Microweber < 1.2.11 - XSS
Multiple Stored Cross-site Scripting (XSS) Vulnerabilities in Shop's Other Settings, Shop's Autorespond E-mail Settings and Shops' Payments Methods in GitHub repository microweber/microweber prior to 1.2.11.
CVSS 5.4
CVE-2022-0961 WRITEUP MEDIUM WRITEUP
Microweber < 1.2.12 - Integer Overflow
The microweber application allows large characters to insert in the input field "post title" which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request. in GitHub repository microweber/microweber prior to 1.2.12.
CVSS 5.5
CVE-2022-0963 WRITEUP MEDIUM WRITEUP
Microweber < 1.2.12 - XSS
Unrestricted XML Files Leads to Stored XSS in GitHub repository microweber/microweber prior to 1.2.12.
CVSS 5.4
CVE-2022-0968 WRITEUP MEDIUM WRITEUP
Microweber < 1.2.12 - Integer Overflow
The microweber application allows large characters to insert in the input field "fist & last name" which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request. in microweber/microweber in GitHub repository microweber/microweber prior to 1.2.12.
CVSS 5.5
CVE-2022-1036 WRITEUP HIGH WRITEUP
Microweber < 1.2.12 - Integer Overflow
Able to create an account with long password leads to memory corruption / Integer Overflow in GitHub repository microweber/microweber prior to 1.2.12.
CVSS 7.5
CVE-2023-47379 WRITEUP MEDIUM WRITEUP
Microweber < 2.0.3 - XSS
Microweber CMS version 2.0.1 is vulnerable to stored Cross Site Scripting (XSS) via the profile picture file upload functionality.
CVSS 5.4
CVE-2023-5976 WRITEUP MEDIUM WRITEUP
Microweber < 2.0.0 - Improper Access Control
Improper Access Control in GitHub repository microweber/microweber prior to 2.0.
CVSS 4.3