393 matches found
CVE-2026-12066
A security flaw has been discovered in PbootCMS up to 3.2.12. This vulnerability affects the function retrieve of the file apps/home/controller/MemberController.php of the component Password Handler. The manipulation of the argument username/password/email/checkcode results in weak password...
EUVD-2026-36423
A security flaw has been discovered in PbootCMS up to 3.2.12. This vulnerability affects the function retrieve of the file apps/home/controller/MemberController.php of the component Password Handler. The manipulation of the argument username/password/email/checkcode results in weak password...
CVE-2026-12066 PbootCMS Password MemberController.php retrieve password recovery
A security flaw has been discovered in PbootCMS up to 3.2.12. This vulnerability affects the function retrieve of the file apps/home/controller/MemberController.php of the component Password Handler. The manipulation of the argument username/password/email/checkcode results in weak password...
CVE-2026-12066
CVE-2026-12066 affects PbootCMS up to version 3.2.12. The vulnerability resides in the function retrieve of file apps/home/controller/MemberController.php (Password Handler). Manipulating the arguments username/password/email/checkcode enables weak password recovery; the issue is exploitable remo...
CVE-2026-12066 PbootCMS Password MemberController.php retrieve password recovery
A security flaw has been discovered in PbootCMS up to 3.2.12. This vulnerability affects the function retrieve of the file apps/home/controller/MemberController.php of the component Password Handler. The manipulation of the argument username/password/email/checkcode results in weak password...
PT-2026-48866
A security flaw has been discovered in PbootCMS up to 3.2.12. This vulnerability affects the function retrieve of the file apps/home/controller/MemberController.php of the component Password Handler. The manipulation of the argument username/password/email/checkcode results in weak password...
CVE-2026-36239
PbootCMS v.3.2.11 contains a code injection vulnerability in its site configuration functionality...
EUVD-2026-32033
PbootCMS v.3.2.11 contains a code injection vulnerability in its site configuration functionality...
CVE-2026-36239
PbootCMS v.3.2.11 contains a code injection vulnerability in its site configuration functionality...
CVE-2026-36239
PbootCMS v.3.2.11 contains a code injection vulnerability in its site configuration functionality...
CVE-2026-36239
PbootCMS v.3.2.11 contains a code injection vulnerability in its site configuration functionality...
PbootCMS 安全漏洞
PbootCMS is an open-source enterprise website content management system developed using the PHP language. Version PbootCMS 3.2.11 contains a security vulnerability, which stems from code injection in the site configuration function...
CVE-2026-36239
PbootCMS v.3.2.11 contains a code injection vulnerability in its site configuration functionality...
CVE-2026-36239
CVE-2026-36239 involves PbootCMS where a code injection flaw exists in the site configuration handling. The connected exploit report specifically describes an authenticated RCE in PbootCMS v3.2.12 backend via the sitecopyright footer field, caused by insecure deserialization and output handling i...
PT-2026-43395
Name of the Vulnerable Software and Affected Versions PbootCMS version 3.2.11 Description Code injection is possible within the site configuration functionality. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability...
Exploit for CVE-2026-36239
CVE-2026-36239 CVE-2026-36239: Authenticated RCE in PbootCMS v...
CVE-2026-4509
A security flaw has been discovered in PbootCMS up to 3.2.12. This affects an unknown function of the file core/function/file.php of the component File Upload. The manipulation of the argument black results in incomplete blacklist. The attack may be launched remotely. The exploit has been release...
CVE-2026-4510
A weakness has been identified in PbootCMS up to 3.2.12. This impacts the function alertlocation of the file apps/home/controller/MemberController.php of the component Parameter Handler. This manipulation of the argument backurl causes cross site scripting. Remote exploitation of the attack is...
CVE-2026-4514
A flaw has been found in PbootCMS up to 3.2.12. Affected by this issue is some unknown functionality of the file apps/admin/controller/system/UserController.php of the component Backend. Executing a manipulation of the argument Field can lead to improper access controls. The attack may be perform...
CVE-2026-4508
A vulnerability was identified in PbootCMS up to 3.2.12. The impacted element is the function checkUsername of the file apps/home/controller/MemberController.php of the component Member Login. The manipulation of the argument Username leads to sql injection. The attack may be initiated remotely...