5 matches found
WBCE CMS v1.5.4 - Cross Site Scripting (Stored)
A cross-site scripting XSS vulnerability in /admin/settings/save.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website Footer field. id: CVE-2022-45038 info: name: WBCE CMS v1.5.4 - Cross Site Scripting Stored author:...
CVE-2022-45038
A cross-site scripting XSS vulnerability in /admin/settings/save.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website Footer field...
CVE-2022-45038
creationtimestamp| type| source ---|---|--- 2022-11-25 18:20:24+00:00| seen| https://t.me/cibsecurity/53504 2025-04-25 19:07:17+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13498...
CVE-2022-45038
A cross-site scripting XSS vulnerability in /admin/settings/save.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website Footer field...
CVE-2022-45038
WBCE CMS v1.5.4 suffers a stored XSS in /admin/settings/save.php, exploitable via a crafted payload in the Website Footer field. Impact described: arbitrary script execution in users' browsers, with risks such as data theft, session hijacking, or page defacement. Affected component: admin/setting...