EPSS
Percentile
74.6%
PbootCMS 1.2.2 allows remote attackers to execute arbitrary PHP code by specifying a .php filename in a βSET GLOBAL general_log_fileβ statement, followed by a SELECT statement containing this PHP code.
github.com/Pbootcms/Pbootcms/issues/2