WBCE CMS is an open source content management system (CMS) based on PHP and MySQL. An arbitrary file upload vulnerability exists in WBCE CMS version 1.6.1, which stems from the lack of validation of uploaded files in the /languages/install.php component. The vulnerability can be exploited to remotely execute arbitrary code by uploading a malicious file.
CPE | Name | Operator | Version |
---|---|---|---|
wbce wbce cms | eq | 1.6.1 |