VYPR

Wbce CMS

by Wbce

Source repositories

CVEs (34)

  • CVE-2023-29855Apr 18, 2023
    risk 0.00cvss epss 0.01

    WBCE CMS 1.5.3 has a command execution vulnerability via admin/languages/install.php.

  • CVE-2022-45037Nov 25, 2022
    risk 0.00cvss epss 0.01

    A cross-site scripting (XSS) vulnerability in /admin/users/index.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Display Name field.

  • CVE-2022-45036Nov 25, 2022
    risk 0.00cvss epss 0.00

    A cross-site scripting (XSS) vulnerability in the Search Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the No Results field.

  • CVE-2022-45038Nov 25, 2022
    risk 0.00cvss epss 0.01

    A cross-site scripting (XSS) vulnerability in /admin/settings/save.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website Footer field.

  • CVE-2022-45040Nov 25, 2022
    risk 0.00cvss epss 0.00

    A cross-site scripting (XSS) vulnerability in /admin/pages/sections_save.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name Section field.

  • CVE-2022-45013Nov 21, 2022
    risk 0.00cvss epss 0.00

    A cross-site scripting (XSS) vulnerability in the Show Advanced Option module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Section Header field.

  • CVE-2022-45016Nov 21, 2022
    risk 0.00cvss epss 0.00

    A cross-site scripting (XSS) vulnerability in the Search Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Footer field.

  • CVE-2022-45012Nov 21, 2022
    risk 0.00cvss epss 0.00

    A cross-site scripting (XSS) vulnerability in the Modify Page module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Source field.

  • CVE-2022-45014Nov 21, 2022
    risk 0.00cvss epss 0.00

    A cross-site scripting (XSS) vulnerability in the Search Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Results Header field.

  • CVE-2022-45015Nov 21, 2022
    risk 0.00cvss epss 0.00

    A cross-site scripting (XSS) vulnerability in the Search Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Results Footer field.

  • CVE-2022-4006Nov 15, 2022
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as problematic, has been found in WBCE CMS. Affected by this issue is the function increase_attempts of the file wbce/framework/class.login.php of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to…

  • CVE-2022-30072May 17, 2022
    risk 0.00cvss epss 0.01

    WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS) via \admin\pages\sections_save.php namesection2 parameters.

  • CVE-2022-28477Apr 28, 2022
    risk 0.00cvss epss 0.01

    WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS).

  • CVE-2022-25101Feb 23, 2022
    risk 0.00cvss epss 0.01

    A vulnerability in the component /templates/install.php of WBCE CMS v1.5.2 allows attackers to execute arbitrary code via a crafted PHP file.

Page 2 of 2