Vulnerabilities > Wbce > Wbce CMS
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-25 | CVE-2022-45040 | Cross-site Scripting vulnerability in Wbce CMS 1.5.4 A cross-site scripting (XSS) vulnerability in /admin/pages/sections_save.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name Section field. | 5.4 |
| 2022-11-21 | CVE-2022-45012 | Cross-site Scripting vulnerability in Wbce CMS A cross-site scripting (XSS) vulnerability in the Modify Page module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Source field. | 4.8 |
| 2022-11-21 | CVE-2022-45013 | Cross-site Scripting vulnerability in Wbce CMS A cross-site scripting (XSS) vulnerability in the Show Advanced Option module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Section Header field. | 4.8 |
| 2022-11-21 | CVE-2022-45014 | Cross-site Scripting vulnerability in Wbce CMS A cross-site scripting (XSS) vulnerability in the Search Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Results Header field. | 4.8 |
| 2022-11-21 | CVE-2022-45015 | Cross-site Scripting vulnerability in Wbce CMS A cross-site scripting (XSS) vulnerability in the Search Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Results Footer field. | 4.8 |
| 2022-11-21 | CVE-2022-45016 | Cross-site Scripting vulnerability in Wbce CMS A cross-site scripting (XSS) vulnerability in the Search Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Footer field. | 4.8 |
| 2022-11-21 | CVE-2022-45017 | Cross-site Scripting vulnerability in Wbce CMS A cross-site scripting (XSS) vulnerability in the Overview Page settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Post Loop field. | 4.8 |
| 2022-11-15 | CVE-2022-4006 | Improper Restriction of Excessive Authentication Attempts vulnerability in Wbce CMS A vulnerability, which was classified as problematic, has been found in WBCE CMS. | 7.5 |
| 2022-05-17 | CVE-2022-30072 | Cross-site Scripting vulnerability in Wbce CMS 1.5.2 WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS) via \admin\pages\sections_save.php namesection2 parameters. | 3.5 |
| 2022-05-17 | CVE-2022-30073 | Cross-site Scripting vulnerability in Wbce CMS 1.5.2 WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS) via /admin/users/save.php. | 3.5 |