WBCE CMS version 1.6.4 contains a critical remote code execution vulnerability in the Droplets module. Authenticated administrators can inject and execute arbitrary PHP code through the droplet management interface, leading to full system compromise.
| Vendor | Product | Versions |
|---|---|---|
| wbce | wbce cms | 1.6.4 |
