Vulnerabilities in WBCE
9 resultsCVE-2021-3817CRITICALSQL Injection in wbce/wbce_cmsEPSS 37.8%CVE-2022-4006LOWWBCE CMS Header class.login.php increase_attempts excessive authenticationEPSS 0.8%CVE-2022-50936HIGHWBCE CMS 1.5.2 - Remote Code Execution (RCE) (Authenticated)EPSS 0.8%CVE-2025-34506HIGHWBCE CMS 1.6.3 Authenticated Remote Code Execution via Module UploadEPSS 0.8%CVE-2024-58283HIGHWBCE CMS 1.6.2 Remote Code Execution via Elfinder File UploadEPSS 0.6%CVE-2025-65950CRITICALWBCE CMS is Vulnerable to Time-Based Blind SQL Injection through groups[] ParameterEPSS 0.5%CVE-2025-67504CRITICALWBCE CMS has Weak Random Number Generator in Password Generation FunctionEPSS 0.4%CVE-2025-66204MEDIUMWBCE CMS allows brute-force protection bypass using X-Forwarded-For headerEPSS 0.4%CVE-2025-65094HIGHWBCE CMS is Vulnerable to Privilege Escalation via Group ID Manipulation (IDOR)EPSS 0.3%