Vulnerabilities > Wbce > Wbce CMS > 1.6.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-10 | CVE-2023-39796 | SQL Injection vulnerability in Wbce CMS 1.6.0 SQL injection vulnerability in the miniform module in WBCE CMS v.1.6.0 allows remote unauthenticated attacker to execute arbitrary code via the DB_RECORD_TABLE parameter. | 9.8 |
| 2023-10-21 | CVE-2023-46054 | Cross-site Scripting vulnerability in Wbce CMS Cross Site Scripting (XSS) vulnerability in WBCE CMS v.1.6.1 and before allows a remote attacker to escalate privileges via a crafted script to the website_footer parameter in the admin/settings/save.php component. | 5.4 |