MEDIUM🇵🇱 Wersja polska

CVE-2022-0855

CVSS 6.1v3.1pub. 2022-03-04upd. 2024-11-21

Improper Resolution of Path Equivalence in GitHub repository microweber-dev/whmcs_plugin prior to 0.0.4.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
  • Microweber Whmcs

    APP
    Microweber
    < 0.0.4
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2023-1877CRITICAL9.8ten sam vendor

Command Injection in GitHub repository microweber/microweber prior to 1.3.3.

CVE-2022-0895CRITICAL9.8ten sam vendor

Static Code Injection in GitHub repository microweber/microweber prior to 1.3.

CVE-2020-23138CRITICAL9.8ten sam vendor

An unrestricted file upload vulnerability was discovered in the Microweber 1.1.18 admin account page. An attac...

CVE-2025-60954HIGH8.3ten sam vendor

Microweber CMS 2.0 has Weak Password Requirements. The application does not enforce minimum password length or...

CVE-2025-51504HIGH7.6ten sam vendor

Microweber CMS 2.0 is vulnerable to Cross Site Scripting (XSS)in the /projects/profile, homepage endpoint via ...