Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wbce wbce cms vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2023-38947
An arbitrary file upload vulnerability in the /languages/install.php component of WBCE CMS v1.6.1 allows malicious users to execute arbitrary code via a crafted PHP file.
Wbce Wbce Cms 1.6.1
5.4
CVSSv3
CVE-2022-45036
A cross-site scripting (XSS) vulnerability in the Search Settings module of WBCE CMS v1.5.4 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the No Results field.
Wbce Wbce Cms 1.5.4
5.4
CVSSv3
CVE-2022-45037
A cross-site scripting (XSS) vulnerability in /admin/users/index.php of WBCE CMS v1.5.4 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Display Name field.
Wbce Wbce Cms 1.5.4
5.4
CVSSv3
CVE-2022-45038
A cross-site scripting (XSS) vulnerability in /admin/settings/save.php of WBCE CMS v1.5.4 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Website Footer field.
Wbce Wbce Cms 1.5.4
7.2
CVSSv3
CVE-2022-45039
An arbitrary file upload vulnerability in the Server Settings module of WBCE CMS v1.5.4 allows malicious users to execute arbitrary code via a crafted PHP file.
Wbce Wbce Cms 1.5.4
5.4
CVSSv3
CVE-2022-45040
A cross-site scripting (XSS) vulnerability in /admin/pages/sections_save.php of WBCE CMS v1.5.4 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Name Section field.
Wbce Wbce Cms 1.5.4
4.8
CVSSv3
CVE-2017-1000213
WBCE v1.1.11 is vulnerable to reflected XSS via the "begriff" POST parameter in /admin/admintools/tool.php?tool=user_search
Wbce Wbce Cms 1.1.11
5.4
CVSSv3
CVE-2022-30072
WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS) via \admin\pages\sections_save.php namesection2 parameters.
Wbce Wbce Cms 1.5.2
5.4
CVSSv3
CVE-2022-30073
WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS) via /admin/users/save.php.
Wbce Wbce Cms 1.5.2
4.8
CVSSv3
CVE-2018-6313
Cross-site scripting (XSS) in WBCE CMS 1.3.1 allows remote authenticated administrators to inject arbitrary web script or HTML via the Modify Page screen, a different issue than CVE-2017-2118.
Wbce Wbce Cms 1.3.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3