Lucene search
K

5 matches found

Nuclei
Nuclei
added yesterday32 views

WBCE CMS v1.5.4 - Cross Site Scripting (Stored)

A cross-site scripting XSS vulnerability in /admin/settings/save.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website Footer field. id: CVE-2022-45038 info: name: WBCE CMS v1.5.4 - Cross Site Scripting Stored author:...

5.4CVSS6.1AI score0.01024EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/23 12:15 a.m.7 views

CVE-2022-45038

A cross-site scripting XSS vulnerability in /admin/settings/save.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website Footer field...

5.4CVSS5.7AI score0.01024EPSS
Exploits1References1
Circl
Circl
added 2022/11/25 6:20 p.m.4 views

CVE-2022-45038

creationtimestamp| type| source ---|---|--- 2022-11-25 18:20:24+00:00| seen| https://t.me/cibsecurity/53504 2025-04-25 19:07:17+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13498...

5.4CVSS5.5AI score0.01024EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/11/25 12:0 a.m.6 views

CVE-2022-45038

A cross-site scripting XSS vulnerability in /admin/settings/save.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website Footer field...

5.3AI score0.01024EPSS
Exploits1References1
CVE
CVE
added 2022/11/25 12:0 a.m.79 views

CVE-2022-45038

WBCE CMS v1.5.4 suffers a stored XSS in /admin/settings/save.php, exploitable via a crafted payload in the Website Footer field. Impact described: arbitrary script execution in users' browsers, with risks such as data theft, session hijacking, or page defacement. Affected component: admin/setting...

5.4CVSS5.2AI score0.01024EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder