Security Advisory

CVE-2025-34506

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-11 21:44:03

Last updated 2026-04-07 14:09:48

Assigner VulnCheck

State PUBLISHED

Description

WBCE CMS version 1.6.3 and prior contains an authenticated remote code execution vulnerability that allows administrators to upload malicious modules. Attackers can craft a specially designed ZIP module with embedded PHP reverse shell code to gain remote system access when the module is installed.

← Browse all CVEs View on cve.org ↗