Headline
CVE-2023-39796: Release WBCE CMS 1.6.1 · WBCE/WBCE_CMS
SQL injection vulnerability in the miniform module in WBCE CMS v.1.6.0 allows remote unauthenticated attacker to execute arbitrary code via the DB_RECORD_TABLE parameter.
Latest
Latest
Compare
Choose a tag to compare
instantflorian released this
27 Apr 06:44
· 13 commits to main since this release
1.6.1
1610cfa
This is a SECURITY / bugfix release. Please update as soon as possible; for more information, see annoncement in the WBCE CMS forum.
Also, some bugs were fixed and CKEditor was updated to the latest version.
Related news
WBCE 1.6.0 SQL Injection
WBCE version 1.6.0 suffers from a remote SQL injection vulnerability.