Explore all Exploits:

WBCE CMS Version 1.6.1 Remote Command Execution

WBCE CMS version 1.6.1 is vulnerable to remote command execution. By uploading a malicious file and triggering its execution through the language installation feature, an attacker can execute arbitrary commands on the server. This can lead to unauthorized access, data theft, and other malicious activities. This vulnerability has been assigned CVE-2023-XXXXX.

Unauthenticated SQL injection in WBCE 1.6.0

An SQL injection vulnerability exists in the *miniform* module of WBCE CMS version 1.6.0. The vulnerability allows unauthenticated attackers to access and potentially take over the entire database. The issue arises from the lack of authentication checks in the file /modules/miniform/ajax_delete_message.php, specifically in a DELETE query on line 40. The vulnerability can be exploited by injecting a backtick character (`) to manipulate the query. The vulnerable parameter is DB_RECORD_TABLE.

WBCE CMS 1.6.1 – Multiple Stored Cross-Site Scripting (XSS)

The WBCE CMS version 1.6.1 is vulnerable to multiple stored cross-site scripting (XSS) attacks. An attacker can upload a malicious SVG file containing a script that will be executed when viewed by an authenticated user with administrative privileges. This can lead to the execution of arbitrary code or the theft of sensitive information.

WBCE CMS 1.5.2 – Remote Code Execution (RCE) (Authenticated)

WBCE CMS version 1.5.2 is vulnerable to Remote Code Execution (RCE) when an authenticated user uploads a malicious file. This exploit uses a payload encoded in base64 which is uploaded to the server and then executed. The payload is a PHP shell which allows the attacker to execute arbitrary commands on the server.

WBCE CMS 1.5.1 – Admin Password Reset

An attacker can exploit an SQL injection vulnerability in WBCE CMS version 1.5.1 to reset the administrator password. The attacker can send a specially crafted HTTP POST request to the vulnerable URL with the email address set to 'admin@domain.com' and a random value for the submit parameter. This causes the application to send a plaintext password to the attacker's email address.