CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SQL injection vulnerability in the miniform module in WBCE CMS v.1.6.0 allows remote unauthenticated attacker to execute arbitrary code via the DBRECORDTABLE parameter...

9.8CVSS8.7AI score0.70992EPSS

Exploits3References1

RedhatCVE•added 2025/05/23 4:8 a.m.•11 views

CVE-2023-38947

An arbitrary file upload vulnerability in the /languages/install.php component of WBCE CMS v1.6.1 allows attackers to execute arbitrary code via a crafted PHP file...

7.2CVSS7.8AI score0.00246EPSS

Exploits1

RedhatCVE•added 2025/05/23 3:48 a.m.•11 views

CVE-2023-46054

Cross Site Scripting XSS vulnerability in WBCE CMS v.1.6.1 and before allows a remote attacker to escalate privileges via a crafted script to the websitefooter parameter in the admin/settings/save.php component...

5.4CVSS6.1AI score0.00109EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 3:41 a.m.•5 views

CVE-2023-29855

WBCE CMS 1.5.3 has a command execution vulnerability via admin/languages/install.php...

7.2CVSS7.2AI score0.01192EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 12:17 a.m.•6 views

CVE-2022-4006

A vulnerability, which was classified as problematic, has been found in WBCE CMS. Affected by this issue is the function increaseattempts of the file wbce/framework/class.login.php of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to improper restriction of...

7.5CVSS7.2AI score0.00259EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 12:16 a.m.•9 views

CVE-2022-45040

A cross-site scripting XSS vulnerability in /admin/pages/sectionssave.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name Section field...

5.4CVSS5.7AI score0.00224EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 12:16 a.m.•7 views

CVE-2022-45037

A cross-site scripting XSS vulnerability in /admin/users/index.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Display Name field...

5.4CVSS5.7AI score0.0304EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 12:15 a.m.•6 views

CVE-2022-45038

A cross-site scripting XSS vulnerability in /admin/settings/save.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website Footer field...

5.4CVSS5.7AI score0.0304EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 12:15 a.m.•12 views

CVE-2022-45017

A cross-site scripting XSS vulnerability in the Overview Page settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Post Loop field...

4.8CVSS5.7AI score0.00386EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 12:15 a.m.•7 views

CVE-2022-45016

A cross-site scripting XSS vulnerability in the Search Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Footer field...

4.8CVSS5.7AI score0.00386EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by