Vulnerabilities > Wbce > Wbce CMS > 1.5.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-21 | CVE-2023-46054 | Cross-site Scripting vulnerability in Wbce CMS Cross Site Scripting (XSS) vulnerability in WBCE CMS v.1.6.1 and before allows a remote attacker to escalate privileges via a crafted script to the website_footer parameter in the admin/settings/save.php component. | 5.4 |
2023-04-18 | CVE-2023-29855 | Command Injection vulnerability in Wbce CMS 1.5.3 WBCE CMS 1.5.3 has a command execution vulnerability via admin/languages/install.php. | 7.2 |