Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pbootcms pbootcms - vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2018-16356
An issue exists in PbootCMS. There is a SQL injection via the api.php/List/index order parameter.
Pbootcms Pbootcms -
7.5
CVSSv2
CVE-2018-16357
An issue exists in PbootCMS. There is a SQL injection via the api.php/Cms/search order parameter.
Pbootcms Pbootcms -
7.5
CVSSv2
CVE-2018-18450
apps\admin\controller\content\SingleController.php in PbootCMS before V1.3.0 build 2018-11-12 has SQL Injection, as demonstrated by the POST data to the admin.php/Single/mod/mcode/1/id/3 URI.
Pbootcms Pbootcms
NA
CVE-2023-39834
PbootCMS below v3.2.0 exists to contain a command injection vulnerability via create_function.
Pbootcms Pbootcms
6.5
CVSSv2
CVE-2018-19053
PbootCMS 1.2.2 allows remote malicious users to execute arbitrary PHP code by specifying a .php filename in a "SET GLOBAL general_log_file" statement, followed by a SELECT statement containing this PHP code.
Pbootcms Pbootcms 1.2.2
5.8
CVSSv2
CVE-2019-7570
A CSRF vulnerability was found in PbootCMS v1.3.6 that can delete users via an admin.php/User/del/ucode/ URI.
Pbootcms Pbootcms 1.3.6
NA
CVE-2024-1018
A vulnerability classified as problematic has been found in PbootCMS 3.2.5-20230421. Affected is an unknown function of the file /admin.php?p=/Area/index#tab=t2. The manipulation of the argument name leads to cross site scripting. It is possible to launch the attack remotely. The...
Pbootcms Pbootcms 3.2.5
4.3
CVSSv2
CVE-2020-17901
Cross-site request forgery (CSRF) in PbootCMS 1.3.2 allows malicious users to change the password of a user.
Pbootcms Pbootcms 1.3.2
7.5
CVSSv2
CVE-2018-11369
An issue exists in PbootCMS v1.0.9. There is a SQL Injection that can get important information from the database via the \apps\home\controller\ParserController.php scode parameter.
Pbootcms Pbootcms 1.0.9
NA
CVE-2023-50082
Aoyun Technology pbootcms V3.1.2 is vulnerable to Incorrect Access Control, allows remote malicious users to gain sensitive information via session leakage allows a user to avoid logging into the backend management platform.
Pbootcms Pbootcms 3.1.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »