Vulnerabilities > Wbce > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-21 | CVE-2022-45016 | Cross-site Scripting vulnerability in Wbce CMS A cross-site scripting (XSS) vulnerability in the Search Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Footer field. | 4.8 |
| 2022-11-21 | CVE-2022-45017 | Cross-site Scripting vulnerability in Wbce CMS A cross-site scripting (XSS) vulnerability in the Overview Page settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Post Loop field. | 4.8 |
| 2022-05-17 | CVE-2022-30072 | Cross-site Scripting vulnerability in Wbce CMS 1.5.2 WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS) via \admin\pages\sections_save.php namesection2 parameters. | 5.4 |
| 2022-05-17 | CVE-2022-30073 | Cross-site Scripting vulnerability in Wbce CMS 1.5.2 WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS) via /admin/users/save.php. | 5.4 |
| 2022-04-28 | CVE-2022-28477 | Cross-site Scripting vulnerability in Wbce CMS 1.5.2 WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS). | 6.1 |
| 2018-01-25 | CVE-2018-6313 | Cross-site Scripting vulnerability in Wbce CMS 1.3.1 Cross-site scripting (XSS) in WBCE CMS 1.3.1 allows remote authenticated administrators to inject arbitrary web script or HTML via the Modify Page screen, a different issue than CVE-2017-2118. | 4.8 |
| 2017-11-17 | CVE-2017-1000213 | Cross-site Scripting vulnerability in Wbce CMS 1.1.11 WBCE v1.1.11 is vulnerable to reflected XSS via the "begriff" POST parameter in /admin/admintools/tool.php?tool=user_search | 4.8 |
| 2017-04-28 | CVE-2017-2118 | Cross-site Scripting vulnerability in Wbce CMS Cross-site scripting vulnerability in WBCE CMS 1.1.10 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |