Vulnerability DatabaseWS-2022-0193
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
WS-2022-0193
Published:May 15, 2026
Updated:May 15, 2026
Improper handling of parameter lead to listing any directory in microweber/microweber before 1.2.20
Affected Packages
microweber/microweber (PHP):
Affected version(s) =dev-new-source-editor <dev-newsletter_module
Fix Suggestion:
Update to version dev-newsletter_module
microweber/microweber (PHP):
Affected version(s) =dev-dev <dev-filament
Fix Suggestion:
Update to version dev-filament
microweber/microweber (PHP):
Affected version(s) =dev-checkout_v2 <dev-fix_backup_encoding_v2
Fix Suggestion:
Update to version dev-fix_backup_encoding_v2
microweber/microweber (PHP):
Affected version(s) =dev-Radanovn-patch-1 <dev-contact_form_fix_sr-1
Fix Suggestion:
Update to version dev-contact_form_fix_sr-1
microweber/microweber (PHP):
Affected version(s) =dev-backup_new_functions <dev-build
Fix Suggestion:
Update to version dev-build
microweber/microweber (PHP):
Affected version(s) =dev-lang-fix <dev-laravel
Fix Suggestion:
Update to version dev-laravel
microweber/microweber (PHP):
Affected version(s) =dev-revert-797-master
Fix Suggestion:
Update to version no_fix
microweber/microweber (PHP):
Affected version(s) =dev-inline-spacings-replace <dev-jenkins_modules_test
Fix Suggestion:
Update to version dev-jenkins_modules_test
microweber/microweber (PHP):
Affected version(s) =dev-1.3-dev <1.3.0.x-dev
Fix Suggestion:
Update to version 1.3.0.x-dev
microweber/microweber (PHP):
Affected version(s) =dev-webpack2 <dev-wordpress_import_backup_v2
Fix Suggestion:
Update to version dev-wordpress_import_backup_v2
microweber/microweber (PHP):
Affected version(s) =dev-optimization <dev-pm-dev
Fix Suggestion:
Update to version dev-pm-dev
arthurgroup/websitebuilder (PHP):
Affected version(s) =1.2.x-dev <dev-1.2-test-pm
Fix Suggestion:
Update to version dev-1.2-test-pm
microweber/microweber (PHP):
Affected version(s) >=dev-1.2-dev <dev-1.2-test-pm
Fix Suggestion:
Update to version dev-1.2-test-pm
microweber/microweber (PHP):
Affected version(s) =dev-10_1_2021 <dev-laravel-11
Fix Suggestion:
Update to version dev-laravel-11
microweber/microweber (PHP):
Affected version(s) >=dev-slow_backup_fix <dev-test_module
Fix Suggestion:
Update to version dev-test_module
microweber/microweber (PHP):
Affected version(s) =dev-handles-2 <dev-le2
Fix Suggestion:
Update to version dev-le2
microweber/microweber (PHP):
Affected version(s) =dev-optimization1 <dev-test1
Fix Suggestion:
Update to version dev-test1
microweber/microweber (PHP):
Affected version(s) =dev-account-manager <dev-add_custom_data_on_product
Fix Suggestion:
Update to version dev-add_custom_data_on_product
microweber/microweber (PHP):
Affected version(s) =dev-theme_content_export <dev-tinymce
Fix Suggestion:
Update to version dev-tinymce
arthurgroup/websitebuilder (PHP):
Affected version(s) =dev-dependabot/composer/composer/composer-1.10.23 <dev-fix_backup_encoding_v2
Fix Suggestion:
Update to version dev-fix_backup_encoding_v2
microweber/microweber (PHP):
Affected version(s) =dev-fix-products <dev-fix_cf
Fix Suggestion:
Update to version dev-fix_cf
Related Resources (1)
https://github.com/microweber/microweber/commit/585005760b0af57ae7ce6908d20ce360ada5b91d
Do you need more information?
Contact Us
CVSS v4
Base Score:
8.3
Attack Vector
NETWORK
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
LOW
User Interaction
NONE
Vulnerable System Confidentiality
HIGH
Vulnerable System Integrity
NONE
Vulnerable System Availability
NONE
Subsequent System Confidentiality
HIGH
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
7.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE