CVE-2018-10132

2018-04-1614:00:00

mitre

www.cve.org

pbootcms php code injection csrf

AI Score

Confidence

High

EPSS

0.001

Percentile

45.4%

JSON

PbootCMS v0.9.8 has CSRF via an admin.php/Message/mod/id/19.html?backurl=/index.php request, resulting in PHP code injection in the recontent parameter.

References

github.com/vQAQv/Request-CVE-ID-PoC/blob/master/PbootCMS/v0.9.8/CSRF.md