First published: Fri Nov 25 2022(Updated: )
An arbitrary file upload vulnerability in the Server Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary code via a crafted PHP file.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Wbce Wbce Cms | =1.5.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2022-45039.
The severity level of CVE-2022-45039 is high (7.2).
CVE-2022-45039 affects version 1.5.4 of WBCE CMS.
CVE-2022-45039 allows attackers to execute arbitrary code by exploiting an arbitrary file upload vulnerability in the Server Settings module of WBCE CMS v1.5.4 using a crafted PHP file.
Yes, it is recommended to upgrade to a fixed version of WBCE CMS to address CVE-2022-45039.