CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-39796

SQL injection vulnerability in the miniform module in WBCE CMS v.1.6.0 allows remote unauthenticated attacker to execute arbitrary code via the DB_RECORD_TABLE parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.819

EPSS Ranking 99.1%

CVSS Severity

CVSS v3 Score 9.8

References

https://forum.wbce.org/viewtopic.php?pid=42046#p42046
https://github.com/WBCE/WBCE_CMS/releases/tag/1.6.1
https://pastebin.com/PBw5AvGp
https://forum.wbce.org/viewtopic.php?pid=42046#p42046
https://github.com/WBCE/WBCE_CMS/releases/tag/1.6.1
https://pastebin.com/PBw5AvGp

Products affected by CVE-2023-39796

Wbce » Wbce Cms » Version: 1.6.0

cpe:2.3:a:wbce:wbce_cms:1.6.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-39796

Products

Pricing

Contact Us