Vulnerabilities > Wbce

DATE CVE VULNERABILITY TITLE RISK
2022-11-25 CVE-2022-45040 Cross-site Scripting vulnerability in Wbce CMS 1.5.4
A cross-site scripting (XSS) vulnerability in /admin/pages/sections_save.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name Section field.
network
low complexity
wbce CWE-79
5.4
2022-11-21 CVE-2022-45012 Cross-site Scripting vulnerability in Wbce CMS
A cross-site scripting (XSS) vulnerability in the Modify Page module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Source field.
network
low complexity
wbce CWE-79
4.8
2022-11-21 CVE-2022-45013 Cross-site Scripting vulnerability in Wbce CMS
A cross-site scripting (XSS) vulnerability in the Show Advanced Option module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Section Header field.
network
low complexity
wbce CWE-79
4.8
2022-11-21 CVE-2022-45014 Cross-site Scripting vulnerability in Wbce CMS
A cross-site scripting (XSS) vulnerability in the Search Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Results Header field.
network
low complexity
wbce CWE-79
4.8
2022-11-21 CVE-2022-45015 Cross-site Scripting vulnerability in Wbce CMS
A cross-site scripting (XSS) vulnerability in the Search Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Results Footer field.
network
low complexity
wbce CWE-79
4.8
2022-11-21 CVE-2022-45016 Cross-site Scripting vulnerability in Wbce CMS
A cross-site scripting (XSS) vulnerability in the Search Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Footer field.
network
low complexity
wbce CWE-79
4.8
2022-11-21 CVE-2022-45017 Cross-site Scripting vulnerability in Wbce CMS
A cross-site scripting (XSS) vulnerability in the Overview Page settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Post Loop field.
network
low complexity
wbce CWE-79
4.8
2022-11-15 CVE-2022-4006 Improper Restriction of Excessive Authentication Attempts vulnerability in Wbce CMS
A vulnerability, which was classified as problematic, has been found in WBCE CMS.
network
low complexity
wbce CWE-307
7.5
2022-05-17 CVE-2022-30072 Cross-site Scripting vulnerability in Wbce CMS 1.5.2
WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS) via \admin\pages\sections_save.php namesection2 parameters.
network
low complexity
wbce CWE-79
5.4
2022-05-17 CVE-2022-30073 Cross-site Scripting vulnerability in Wbce CMS 1.5.2
WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS) via /admin/users/save.php.
network
low complexity
wbce CWE-79
5.4