CVE-2017-2120
WBCE CMS (versions 1.1.10 and earlier) contains an SQL injection vulnerability (CWE-89) that can be triggered by an administrator, enabling execution of arbitrary SQL commands via unspecified vectors. The issue is listed as CVE-2017-2120. A patch exists for WBCE CMS 1.1.3–1.1.10; update to a vers...