wbce

Top products

The 15 most recently published vulnerabilities affecting wbce.

• CVE-2022-50936WBCE CMS 1.5.2 - Remote Code Execution (RCE) (Authenticated)8.8Jan 13, 2026
• CVE-2023-53910WBCE CMS 1.6.1 Stored Cross-Site Scripting via Page Content5.4Dec 17, 2025
• CVE-2023-53909WBCE CMS 1.6.1 SVG File Content Cross-Site Scripting5.4Dec 17, 2025
• CVE-2023-53901WBCE CMS 1.6.1 Cross-Site Scripting and Open Redirect Vulnerability5.4Dec 16, 2025
• CVE-2025-34506WBCE CMS 1.6.3 Authenticated Remote Code Execution via Module Upload8.8Dec 11, 2025
• CVE-2024-58283WBCE CMS 1.6.2 Remote Code Execution via Elfinder File Upload8.8Dec 10, 2025
• CVE-2025-65950WBCE CMS is Vulnerable to Time-Based Blind SQL Injection through groups[] Parameter8.8Dec 10, 2025
• CVE-2025-67504WBCE CMS has Weak Random Number Generator in Password Generation Function9.1Dec 9, 2025
• CVE-2025-66204WBCE CMS allows brute-force protection bypass using X-Forwarded-For header8.1Dec 8, 2025
• CVE-2025-65094WBCE CMS is Vulnerable to Privilege Escalation via Group ID Manipulation (IDOR)8.8Nov 19, 2025
• CVE-2023-39796SQL injection vulnerability in the miniform module in WBCE CMS v.1.6.0 allows remote unauthenticated attacker to execute arbitrary code via the DB_RECORD_TABLE parameter.9.8Nov 10, 2023
• CVE-2023-46054Cross Site Scripting (XSS) vulnerability in WBCE CMS v.1.6.1 and before allows a remote attacker to escalate privileges via a crafted script to the website_footer parameter in the admin/settings/sa...5.4Oct 21, 2023
• CVE-2023-43871A File upload vulnerability in WBCE v.1.6.1 allows a local attacker to upload a pdf file with hidden Cross Site Scripting (XSS).5.4Sep 28, 2023
• CVE-2023-38947An arbitrary file upload vulnerability in the /languages/install.php component of WBCE CMS v1.6.1 allows attackers to execute arbitrary code via a crafted PHP file.7.2Aug 3, 2023
• CVE-2023-29855WBCE CMS 1.5.3 has a command execution vulnerability via admin/languages/install.php.7.2Apr 18, 2023