34 matches found
CVE-2025-29389
CVE-2025-29389 affects PbootCMS v3.2.9 with a cross-site scripting (XSS) vulnerability in the admin.php?p=/Content/index/mcode/2#tab=t2 endpoint. The connected sources consistently identify the issue as a XSS in that admin page path; no root-cause code snippet is provided beyond this. Exploitatio...
CVE-2020-19248
SQL Injection vulnerability in PbootCMS 1.4.1 in parsing if statements in templates, resulting in a malicious user's ability to contaminate template content by searching for page contamination URLs, thus triggering vulnerabilities when the program uses eval statements to parse templates...
CVE-2020-19248
SQL Injection vulnerability in PbootCMS 1.4.1 in parsing if statements in templates, resulting in a malicious user's ability to contaminate template content by searching for page contamination URLs, thus triggering vulnerabilities when the program uses eval statements to parse templates...
CVE-2024-12793 PbootCMS IndexController.php path traversal
A vulnerability, which was classified as problematic, has been found in PbootCMS up to 5.2.3. Affected by this issue is some unknown functionality of the file apps/home/controller/IndexController.php. The manipulation of the argument tag leads to path traversal. The attack may be launched remotel...
CVE-2024-12789
A vulnerability was found in PbootCMS up to 3.2.3. It has been classified as critical. This affects an unknown part of the file apps/home/controller/IndexController.php. The manipulation of the argument tag leads to code injection. It is possible to initiate the attack remotely. The exploit has...
CVE-2024-12789 PbootCMS IndexController.php code injection
A vulnerability was found in PbootCMS up to 3.2.3. It has been classified as critical. This affects an unknown part of the file apps/home/controller/IndexController.php. The manipulation of the argument tag leads to code injection. It is possible to initiate the attack remotely. The exploit has...
PT-2023-12321 · Pbootcms · Pbootcms
Name of the Vulnerable Software and Affected Versions: PbootCMS version 3.0.5 Description: A SQL injection issue exists, allowing remote attackers to execute arbitrary SQL commands by sending a crafted GET request. Recommendations: For PbootCMS version 3.0.5, update to a newer version that contai...
PbootCMS Remote Code Execution Vulnerability
PbootCMS is an open source enterprise building content management system CMS developed using the PHP language. PbootCMS has a security vulnerability, the vulnerability stems from the platform's message board function does not validate the data, an attacker can exploit the vulnerability to execute...
PbootCMS suffers from SQL injection vulnerability (CNVD-2021-32805)
PbootCMS is a new core permanent open source free PHP web development and building management system CMS developed by Avantech. PbootCMS has a SQL injection vulnerability. Attackers can use this vulnerability to obtain sensitive information from the database...
Command Execution Vulnerability in PbootCMS of Hunan Aoyun Network Technology Co. Ltd (CNVD-2021-30915)
PbootCMS is an open source and free PHP enterprise web development and construction management system. Hunan Avion Network Technology Co., Ltd PbootCMS has a command execution vulnerability that can be exploited by attackers to execute arbitrary PHP code and gain server privileges...
Command execution vulnerability in PbootCMS (CNVD-2021-30081)
PbootCMS is an open source and free PHP enterprise web development and construction management system. PbootCMS has a command execution vulnerability that can be exploited by an attacker to execute arbitrary commands...
Command execution vulnerability in PbootCMS (CNVD-2021-00794)
PbootCMS is an open source free PHP enterprise web development and construction management system. PbootCMS has a command execution vulnerability that can be exploited by attackers to gain server privileges...
Code execution vulnerability in pbootcms
PbootCMS is a new core and permanent open source free PHP enterprise website development and construction management system , is a set of efficient , simple , strong and free commercial PHP CMS source code , to meet the needs of various types of enterprise website development and construction...
SQL injection vulnerability in PbootCMS V1.1.7 Si***.php page (CNVD-2018-17749)
PbootCMS is a new core open source enterprise building system developed by Avantech. PbootCMS V1.1.7 Si.php page has a SQL injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive information in the database...