Bozhidar Slaveykov

42 exploits, active since Jan 2022
CVE-2022-0777 HIGH WRITEUP
microweber/microweber <1.3 - Info Disclosure
Weak Password Recovery Mechanism for Forgotten Password in GitHub repository microweber/microweber prior to 1.3.
CVSS 7.5
CVE-2022-0895 CRITICAL WRITEUP
microweber/microweber <1.3 - Code Injection
Static Code Injection in GitHub repository microweber/microweber prior to 1.3.
CVSS 9.8
CVE-2022-0896 HIGH WRITEUP
microweber/microweber <1.3 - Info Disclosure
Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository microweber/microweber prior to 1.3.
CVSS 8.8
CVE-2022-0912 MEDIUM WRITEUP
microweber < 1.2.11 - Unrestricted Upload of File with Dangerous Type
Unrestricted Upload of File with Dangerous Type in GitHub repository microweber/microweber prior to 1.2.11.
CVSS 4.8
CVE-2022-0913 HIGH WRITEUP
microweber < 1.2.11 and < 1.2.12 - Integer Overflow or Wraparound
Integer Overflow or Wraparound in GitHub repository microweber/microweber prior to 1.3.
CVSS 7.5
CVE-2022-0921 MEDIUM WRITEUP
microweber < 1.2.12 - Remote Code Execution via Backup/Restore Feature
Abusing Backup/Restore feature to achieve Remote Code Execution in GitHub repository microweber/microweber prior to 1.2.12.
CVSS 6.7
CVE-2022-0926 MEDIUM WRITEUP
microweber < 1.2.12 - Stored Cross-Site Scripting via File Upload Filter Bypass
File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12.
CVSS 4.8
CVE-2022-0928 MEDIUM WRITEUP
microweber < 1.2.12 - Stored Cross-Site Scripting
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.2.12.
CVSS 5.4
CVE-2022-0929 MEDIUM WRITEUP
microweber < 1.2.11 - Cross-Site Scripting in Dynamic Text Module
XSS on dynamic_text module in GitHub repository microweber/microweber prior to 1.2.11.
CVSS 6.1
CVE-2022-0930 MEDIUM WRITEUP
microweber < 1.2.12 - Stored Cross-Site Scripting via File Upload Filter Bypass
File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12.
CVSS 4.8
CVE-2022-0954 MEDIUM WRITEUP
microweber < 1.2.11 - Stored Cross-Site Scripting in Shop Settings
Multiple Stored Cross-site Scripting (XSS) Vulnerabilities in Shop's Other Settings, Shop's Autorespond E-mail Settings and Shop's Payment Methods in GitHub repository microweber/microweber prior to 1.2.11.
CVSS 5.4
CVE-2022-0961 MEDIUM WRITEUP
microweber < 1.2.12 - Denial of Service via Post Title Input Field
The microweber application allows a large number of characters to be inserted in the input field "post title", which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request, in GitHub repository microweber/microweber prior to 1.2.12.
CVSS 5.5
CVE-2022-0963 MEDIUM WRITEUP
microweber < 1.2.12 - Stored Cross-Site Scripting via Unrestricted XML File Upload
Unrestricted XML files lead to stored XSS in GitHub repository microweber/microweber prior to 1.2.12.
CVSS 5.4
CVE-2022-0968 MEDIUM WRITEUP
microweber < 1.2.12 - Denial of Service via Large Input in First & Last Name Field
The microweber application allows a large number of characters to be inserted in the input field "first & last name", which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request, in GitHub repository microweber/microweber prior to 1.2.12.
CVSS 5.5
CVE-2022-1036 HIGH WRITEUP
microweber < 1.2.12 - Integer Overflow via Long Password
Being able to create an account with a long password leads to memory corruption / Integer Overflow in GitHub repository microweber/microweber prior to 1.2.12.
CVSS 7.5
CVE-2023-47379 MEDIUM WRITEUP
Microweber < 2.0.3 - Stored Cross-Site Scripting via Profile Picture Upload
Microweber CMS version 2.0.1 is vulnerable to stored Cross Site Scripting (XSS) via the profile picture file upload functionality.
CVSS 5.4
CVE-2023-5976 MEDIUM WRITEUP
microweber < 2.0.0 - Improper Access Control
Improper Access Control in GitHub repository microweber/microweber prior to 2.0.
CVSS 4.3