Wbce Cms Security Vulnerabilities and Issues — Wbce Cms CVE List

A cross-site scripting (XSS) vulnerability in /admin/settings/save.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website Footer field.

5.4CVSS5.2AI score0.1315EPSS

CVE•added 2022/11/25 4:15 p.m.•48 views

CVE-2022-45037

A cross-site scripting (XSS) vulnerability in /admin/users/index.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Display Name field.

5.4CVSS5.2AI score0.1315EPSS

CVE•added 2023/10/21 7:15 a.m.•45 views

CVE-2023-46054

Cross Site Scripting (XSS) vulnerability in WBCE CMS v.1.6.1 and before allows a remote attacker to escalate privileges via a crafted script to the website_footer parameter in the admin/settings/save.php component.

5.4CVSS5.3AI score0.00109EPSS

CVE•added 2022/11/25 4:15 p.m.•43 views

CVE-2022-45040

A cross-site scripting (XSS) vulnerability in /admin/pages/sections_save.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name Section field.

5.4CVSS5.2AI score0.00084EPSS

CVE•added 2022/11/25 4:15 p.m.•42 views

CVE-2022-45036

A cross-site scripting (XSS) vulnerability in the Search Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the No Results field.

5.4CVSS5.2AI score0.00084EPSS