Vulnerabilities > Wbce > Wbce CMS > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-11-10 CVE-2023-39796 SQL Injection vulnerability in Wbce CMS 1.6.0
SQL injection vulnerability in the miniform module in WBCE CMS v.1.6.0 allows remote unauthenticated attacker to execute arbitrary code via the DB_RECORD_TABLE parameter.
network
low complexity
wbce CWE-89
critical
 9.8
9.8
2022-12-20 CVE-2022-46020 Unrestricted Upload of File with Dangerous Type vulnerability in Wbce CMS 1.5.4
WBCE CMS v1.5.4 can implement getshell by modifying the upload file type.
network
low complexity
wbce CWE-434
critical
 9.8
9.8