CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2022/11/25 12:0 a.m.•2 views

WBCE CMS 跨站脚本漏洞

WBCE CMS is an open source content management system CMS based on PHP and MySQL. A security vulnerability exists in WBCE CMS v1.5.4, which stems from a cross-site scripting XSS vulnerability in the Search Settings module. The vulnerability can be exploited by an attacker to execute arbitrary web...

5.4CVSS5.9AI score0.00323EPSS

Cvelist•added 2022/11/25 12:0 a.m.•13 views

CVE-2022-45037

A cross-site scripting XSS vulnerability in /admin/users/index.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Display Name field...

5.4AI score0.0304EPSS

CNNVD•added 2022/11/25 12:0 a.m.•2 views

WBCE CMS 跨站脚本漏洞

WBCE CMS is an open source content management system CMS based on PHP and MySQL. A security vulnerability exists in WBCE CMS v1.5.4, which originates from a cross-site scripting XSS vulnerability in /admin/pages/sectionssave.php. The vulnerability can be exploited by an attacker to execute...

5.4CVSS5.9AI score0.00224EPSS

Vulnrichment•added 2022/11/25 12:0 a.m.•4 views

CVE-2022-45039

An arbitrary file upload vulnerability in the Server Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary code via a crafted PHP file...

7.3AI score0.00479EPSS

Vulnrichment•added 2022/11/25 12:0 a.m.•4 views

CVE-2022-45037

5.3AI score0.0304EPSS

Cvelist•added 2022/11/25 12:0 a.m.•13 views

CVE-2022-45036

A cross-site scripting XSS vulnerability in the Search Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the No Results field...

5.4AI score0.00323EPSS

Cvelist•added 2022/11/25 12:0 a.m.•17 views

CVE-2022-45038

A cross-site scripting XSS vulnerability in /admin/settings/save.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website Footer field...

5.4AI score0.0304EPSS

Positive Technologies•added 2022/11/25 12:0 a.m.•4 views

PT-2022-27386 · Wbce Cms · Wbce Cms

Name of the Vulnerable Software and Affected Versions: WBCE CMS version 1.5.4 Description: A cross-site scripting XSS issue in the /admin/pages/sections save.php file allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name Section field. This can lea...

5.4CVSS5.5AI score0.00224EPSS

Exploits1References5

CNNVD•added 2022/11/25 12:0 a.m.•2 views

WBCE CMS 代码问题漏洞

WBCE CMS is an open source content management system CMS based on PHP and MySQL. A security vulnerability exists in WBCE CMS v1.5.4, which originates from an arbitrary file upload vulnerability in the server settings module. An attacker can exploit this vulnerability to execute arbitrary code via...

7.2CVSS7.6AI score0.00479EPSS

CVE•added 2022/11/25 12:0 a.m.•57 views

CVE-2022-45040

WBCE CMS v1.5.4 is affected by a cross-site scripting (XSS) issue in /admin/pages/sections_save.php. The vulnerability allows an attacker to inject arbitrary web scripts or HTML via the Name Section field, resulting in code execution in the victim’s browser. The provided documents describe the af...

5.4CVSS5.2AI score0.00224EPSS

Exploits1References1Affected Software1

CNVD•added 2022/11/23 12:0 a.m.•20 views

WBCE CMS Results Header Field Cross-Site Scripting Vulnerability

WBCE CMS is an open source content management system CMS based on PHP and MySQL. WBCE CMS v1.5.4 and its previous versions exist cross-site scripting vulnerability, the vulnerability stems from the Search Settings module in the Results Header field of the user-supplied data lack of effective...

CNVD•added 2022/11/23 12:0 a.m.•24 views

WBCE CMS Results Footer Field Cross-Site Scripting Vulnerability

WBCE CMS is an open source content management system CMS based on PHP and MySQL. WBCE CMS v1.5.4 and its previous versions exist cross-site scripting vulnerability, the vulnerability stems from the Search Settings module in the Results Footer field of the user-supplied data lack of effective...

CNVD•added 2022/11/23 12:0 a.m.•20 views

WBCE CMS Cross-Site Scripting Vulnerability (CNVD-2022-86446)

WBCE CMS is an open source content management system CMS based on PHP and MySQL. A cross-site scripting vulnerability exists in WBCE CMS 1.5.4 and previous versions, which stems from the lack of effective filtering and escaping of user-supplied data in the Footer field of the Search Settings...

CNVD•added 2022/11/23 12:0 a.m.•21 views

WBCE CMS Cross-Site Scripting Vulnerability

CNVD•added 2022/11/23 12:0 a.m.•19 views

WBCE CMS Source Field Cross-Site Scripting Vulnerability

WBCE CMS is an open source content management system CMS based on PHP and MySQL. WBCE CMS v1.5.4 and its previous versions exist cross-site scripting vulnerability, the vulnerability stems from the lack of effective filtering and escaping of user-supplied data in the Source field in the Modify Pa...

CNVD•added 2022/11/23 12:0 a.m.•27 views

WBCE CMS Section Header Field Cross-Site Scripting Vulnerability

WBCE CMS is an open source content management system CMS based on PHP and MySQL. A cross-site scripting vulnerability exists in WBCE CMS v1.5.4 and its previous versions, which stems from the lack of effective filtering and escaping of user-supplied data in the Section Header field of the Show...