CVE-2022-25101

Name of the Vulnerable Software and Affected Versions WBCE CMS version 1.5.2

Description A vulnerability in the component /templates/install.php of WBCE CMS allows attackers to execute arbitrary code via a crafted PHP file.

Recommendations For WBCE CMS version 1.5.2, consider removing or restricting access to the /templates/install.php component until a patch is available. As a temporary workaround, restrict the ability to upload crafted PHP files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.