Pbootcms: >> Pbootcms Security Vulnerabilities
SQL injection vulnerability in route of PbootCMS 3.0.5 allows remote attackers to run arbitrary SQL commands via crafted GET request.
CVSS Score
9.8
EPSS Score
0.005
Published
2023-02-03
PbootCMS v3.1.2 was discovered to contain a remote code execution (RCE) vulnerability via the function parserIfLabel at function.php.
CVSS Score
9.8
EPSS Score
0.6
Published
2022-07-14
Cross Site Request Forgery (CSRF) vulnerability in PbootCMS v2.0.3 via /admin.php?p=/User/index.
CVSS Score
8.8
EPSS Score
0.002
Published
2022-06-02
Cross Site Scripting (XSS) vulnerability exists in PbootCMS v1.3.7 via the title parameter in the mod function in SingleController.php.
CVSS Score
4.8
EPSS Score
0.002
Published
2021-08-12
Incorrect Access Control vulnerability in PbootCMS 2.0.6 via the list parameter in the update function in upgradecontroller.php.
CVSS Score
6.5
EPSS Score
0.002
Published
2021-07-09
Remote Code Execution vulnerability in PbootCMS 2.0.8 in the message board.
CVSS Score
9.8
EPSS Score
0.022
Published
2021-07-08
Crossi Site Scripting (XSS) vulnerability in PbootCMS 2.0.3 in admin.php.
CVSS Score
4.8
EPSS Score
0.004
Published
2021-07-08
Pbootcms v2.0.3 is vulnerable to Cross Site Scripting (XSS) via admin.php.
CVSS Score
4.8
EPSS Score
0.003
Published
2021-06-03
PbootCMS 3.0.4 contains a SQL injection vulnerability through index.php via the search parameter that can reveal sensitive information through adding an admin account.
CVSS Score
7.5
EPSS Score
0.002
Published
2021-03-31
Cross-site request forgery (CSRF) in PbootCMS 1.3.2 allows attackers to change the password of a user.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-11-30