Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pbootcms pbootcms vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2020-21003
Pbootcms v2.0.3 is vulnerable to Cross Site Scripting (XSS) via admin.php.
Pbootcms Pbootcms 2.0.3
7.5
CVSSv3
CVE-2021-28245
PbootCMS 3.0.4 contains a SQL injection vulnerability through index.php via the search parameter that can reveal sensitive information through adding an admin account.
Pbootcms Pbootcms 3.0.4
6.5
CVSSv3
CVE-2020-17901
Cross-site request forgery (CSRF) in PbootCMS 1.3.2 allows malicious users to change the password of a user.
Pbootcms Pbootcms 1.3.2
9.8
CVSSv3
CVE-2018-16356
An issue exists in PbootCMS. There is a SQL injection via the api.php/List/index order parameter.
Pbootcms Pbootcms -
9.8
CVSSv3
CVE-2018-16357
An issue exists in PbootCMS. There is a SQL injection via the api.php/Cms/search order parameter.
Pbootcms Pbootcms -
4.8
CVSSv3
CVE-2019-17417
PbootCMS 2.0.2 allows XSS via vectors involving the Pboot/admin.php?p=/Single/index/mcode/1 and Pboot/?contact/ URIs.
Pbootcms Pbootcms 2.0.2
7.2
CVSSv3
CVE-2019-8422
A SQL Injection vulnerability exists in PbootCMS v1.3.2 via the description parameter in apps\admin\controller\content\ContentController.php.
Pbootcms Pbootcms 1.3.2
6.5
CVSSv3
CVE-2019-7570
A CSRF vulnerability was found in PbootCMS v1.3.6 that can delete users via an admin.php/User/del/ucode/ URI.
Pbootcms Pbootcms 1.3.6
9.8
CVSSv3
CVE-2018-19893
SearchController.php in PbootCMS 1.2.1 has SQL injection via the index.php/Search/index.html query string.
Pbootcms Pbootcms 1.2.1
9.8
CVSSv3
CVE-2018-19595
PbootCMS V1.3.1 build 2018-11-14 allows remote malicious users to execute arbitrary code via use of "eval" with mixed case, as demonstrated by an index.php/list/5/?current={pboot:if(evAl($_GET[a]))}1{/pboot:if}&a=phpinfo(); URI, because of an incorrect apps\home\con...
Pbootcms Pbootcms 1.3.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »