CNNVD-202512-2814 Information

CNNVD ID

CNNVD-202512-2814

Related CVE

CVE-2023-53901

• CNNVD Published: 2025-12-16

Description (Chinese)

WBCE CMS是WBCE CMS开源的一套基于PHP和MySQL的开源内容管理系统（CMS）。 WBCE CMS 1.6.1版本存在安全漏洞，该漏洞源于跨站脚本漏洞，可能导致攻击者上传恶意HTML文件并捕获用户击键。

Description (English)

WBCE CMS is a WBCE CMS Open Content Management System (CMS) based on PHP and MySQL. There is a security loophole in version 1.6.1 of the WBCE CMS, which stems from a gap in the cross-site script, which could lead to the attackers uploading malicious HTML files and capturing user clicks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

WBCE CMS

Published

2025-12-16

Last Modified

2026-02-24

References

https://wbce-cms.org/ https://www.exploit-db.com/exploits/51566 https://www.vulncheck.com/advisories/wbce-cms-cross-site-scripting-and-open-redirect-vulnerability