Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pbootcms vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-19595
PbootCMS V1.3.1 build 2018-11-14 allows remote malicious users to execute arbitrary code via use of "eval" with mixed case, as demonstrated by an index.php/list/5/?current={pboot:if(evAl($_GET[a]))}1{/pboot:if}&a=phpinfo(); URI, because of an incorrect apps\home\con...
Pbootcms Pbootcms 1.3.1
8.8
CVSSv3
CVE-2018-10132
PbootCMS v0.9.8 has CSRF via an admin.php/Message/mod/id/19.html?backurl=/index.php request, resulting in PHP code injection in the recontent parameter.
Pbootcms Pbootcms 0.9.8
9.8
CVSSv3
CVE-2018-10133
PbootCMS v0.9.8 allows PHP code injection via an IF label in index.php/About/6.html or admin.php/Site/index.html, related to the parserIfLabel function in \apps\home\controller\ParserController.php.
Pbootcms Pbootcms 0.9.8
9.8
CVSSv3
CVE-2018-11369
An issue exists in PbootCMS v1.0.9. There is a SQL Injection that can get important information from the database via the \apps\home\controller\ParserController.php scode parameter.
Pbootcms Pbootcms 1.0.9
4.8
CVSSv3
CVE-2020-18456
Cross Site Scripting (XSS) vulnerability exists in PbootCMS v1.3.7 via the title parameter in the mod function in SingleController.php.
Pbootcms Pbootcms 1.3.7
8.8
CVSSv3
CVE-2018-11018
An issue exists in PbootCMS v1.0.7. Cross-site request forgery (CSRF) vulnerability in apps/admin/controller/system/RoleController.php allows remote malicious users to add administrator accounts via admin.php/role/add.html.
Pbootcms Pbootcms 1.0.7
9.8
CVSSv3
CVE-2021-37497
SQL injection vulnerability in route of PbootCMS 3.0.5 allows remote malicious users to run arbitrary SQL commands via crafted GET request.
Pbootcms Pbootcms 3.0.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3