Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pbootcms vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2020-21003
Pbootcms v2.0.3 is vulnerable to Cross Site Scripting (XSS) via admin.php.
Pbootcms Pbootcms 2.0.3
7.5
CVSSv3
CVE-2021-28245
PbootCMS 3.0.4 contains a SQL injection vulnerability through index.php via the search parameter that can reveal sensitive information through adding an admin account.
Pbootcms Pbootcms 3.0.4
6.5
CVSSv3
CVE-2020-17901
Cross-site request forgery (CSRF) in PbootCMS 1.3.2 allows malicious users to change the password of a user.
Pbootcms Pbootcms 1.3.2
9.8
CVSSv3
CVE-2018-16356
An issue exists in PbootCMS. There is a SQL injection via the api.php/List/index order parameter.
Pbootcms Pbootcms -
9.8
CVSSv3
CVE-2018-16357
An issue exists in PbootCMS. There is a SQL injection via the api.php/Cms/search order parameter.
Pbootcms Pbootcms -
4.8
CVSSv3
CVE-2019-17417
PbootCMS 2.0.2 allows XSS via vectors involving the Pboot/admin.php?p=/Single/index/mcode/1 and Pboot/?contact/ URIs.
Pbootcms Pbootcms 2.0.2
7.2
CVSSv3
CVE-2019-8422
A SQL Injection vulnerability exists in PbootCMS v1.3.2 via the description parameter in apps\admin\controller\content\ContentController.php.
Pbootcms Pbootcms 1.3.2
6.5
CVSSv3
CVE-2019-7570
A CSRF vulnerability was found in PbootCMS v1.3.6 that can delete users via an admin.php/User/del/ucode/ URI.
Pbootcms Pbootcms 1.3.6
9.8
CVSSv3
CVE-2018-19893
SearchController.php in PbootCMS 1.2.1 has SQL injection via the index.php/Search/index.html query string.
Pbootcms Pbootcms 1.2.1
9.8
CVSSv3
CVE-2018-19595
PbootCMS V1.3.1 build 2018-11-14 allows remote malicious users to execute arbitrary code via use of "eval" with mixed case, as demonstrated by an index.php/list/5/?current={pboot:if(evAl($_GET[a]))}1{/pboot:if}&a=phpinfo(); URI, because of an incorrect apps\home\con...
Pbootcms Pbootcms 1.3.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »