4 matches found
CVE-2022-4006
A vulnerability, which was classified as problematic, has been found in WBCE CMS. Affected by this issue is the function increaseattempts of the file wbce/framework/class.login.php of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to improper restriction of...
CVE-2022-28477
WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting XSS...
CVE-2019-17575
A file-rename filter bypass exists in admin/media/rename.php in WBCE CMS 1.4.0 and earlier. This can be exploited by an authenticated user with admin privileges to rename a media filename and extension. For example: place PHP code in a .jpg file, and then change the file's base name to filename.p...
WBCE CMS 安全漏洞
WBCE CMS is an open source content management system CMS based on PHP and MySQL. WBCE CMS suffers from a security vulnerability that originates in /templates/install.php that allows attackers to execute arbitrary code via a crafted PHP file...