Lucene search
+L

34 matches found

CVE
CVE
added 2025/04/09 12:0 a.m.67 views

CVE-2025-29389

CVE-2025-29389 affects PbootCMS v3.2.9 with a cross-site scripting (XSS) vulnerability in the admin.php?p=/Content/index/mcode/2#tab=t2 endpoint. The connected sources consistently identify the issue as a XSS in that admin page path; no root-cause code snippet is provided beyond this. Exploitatio...

6.1CVSS6.1AI score0.00244EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/23 12:19 a.m.14 views

CVE-2020-19248

SQL Injection vulnerability in PbootCMS 1.4.1 in parsing if statements in templates, resulting in a malicious user's ability to contaminate template content by searching for page contamination URLs, thus triggering vulnerabilities when the program uses eval statements to parse templates...

5.1CVSS8.2AI score0.00245EPSS
Exploits1
Cvelist
Cvelist
added 2025/02/21 12:0 a.m.25 views

CVE-2020-19248

SQL Injection vulnerability in PbootCMS 1.4.1 in parsing if statements in templates, resulting in a malicious user's ability to contaminate template content by searching for page contamination URLs, thus triggering vulnerabilities when the program uses eval statements to parse templates...

0.00245EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/12/19 6:0 p.m.29 views

CVE-2024-12793 PbootCMS IndexController.php path traversal

A vulnerability, which was classified as problematic, has been found in PbootCMS up to 5.2.3. Affected by this issue is some unknown functionality of the file apps/home/controller/IndexController.php. The manipulation of the argument tag leads to path traversal. The attack may be launched remotel...

5.3CVSS0.0049EPSS
Exploits0References4
NVD
NVD
added 2024/12/19 5:15 p.m.43 views

CVE-2024-12789

A vulnerability was found in PbootCMS up to 3.2.3. It has been classified as critical. This affects an unknown part of the file apps/home/controller/IndexController.php. The manipulation of the argument tag leads to code injection. It is possible to initiate the attack remotely. The exploit has...

9.8CVSS0.00528EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/12/19 4:31 p.m.14 views

CVE-2024-12789 PbootCMS IndexController.php code injection

A vulnerability was found in PbootCMS up to 3.2.3. It has been classified as critical. This affects an unknown part of the file apps/home/controller/IndexController.php. The manipulation of the argument tag leads to code injection. It is possible to initiate the attack remotely. The exploit has...

6.5CVSS7.5AI score0.00528EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/02/03 12:0 a.m.6 views

PT-2023-12321 · Pbootcms · Pbootcms

Name of the Vulnerable Software and Affected Versions: PbootCMS version 3.0.5 Description: A SQL injection issue exists, allowing remote attackers to execute arbitrary SQL commands by sending a crafted GET request. Recommendations: For PbootCMS version 3.0.5, update to a newer version that contai...

9.8CVSS10AI score0.01257EPSS
Exploits1References3
CNVD
CNVD
added 2021/07/12 12:0 a.m.5 views

PbootCMS Remote Code Execution Vulnerability

PbootCMS is an open source enterprise building content management system CMS developed using the PHP language. PbootCMS has a security vulnerability, the vulnerability stems from the platform's message board function does not validate the data, an attacker can exploit the vulnerability to execute...

9.8CVSS7.6AI score0.02474EPSS
Exploits1References1
CNVD
CNVD
added 2021/04/23 12:0 a.m.6 views

PbootCMS suffers from SQL injection vulnerability (CNVD-2021-32805)

PbootCMS is a new core permanent open source free PHP web development and building management system CMS developed by Avantech. PbootCMS has a SQL injection vulnerability. Attackers can use this vulnerability to obtain sensitive information from the database...

7.5AI score
Exploits0
CNVD
CNVD
added 2021/04/17 12:0 a.m.2 views

Command Execution Vulnerability in PbootCMS of Hunan Aoyun Network Technology Co. Ltd (CNVD-2021-30915)

PbootCMS is an open source and free PHP enterprise web development and construction management system. Hunan Avion Network Technology Co., Ltd PbootCMS has a command execution vulnerability that can be exploited by attackers to execute arbitrary PHP code and gain server privileges...

8.3AI score
Exploits0
CNVD
CNVD
added 2021/03/04 12:0 a.m.4 views

Command execution vulnerability in PbootCMS (CNVD-2021-30081)

PbootCMS is an open source and free PHP enterprise web development and construction management system. PbootCMS has a command execution vulnerability that can be exploited by an attacker to execute arbitrary commands...

8AI score
Exploits0
CNVD
CNVD
added 2020/12/21 12:0 a.m.2 views

Command execution vulnerability in PbootCMS (CNVD-2021-00794)

PbootCMS is an open source free PHP enterprise web development and construction management system. PbootCMS has a command execution vulnerability that can be exploited by attackers to gain server privileges...

7.7AI score
Exploits0
CNVD
CNVD
added 2020/04/22 12:0 a.m.1 views

Code execution vulnerability in pbootcms

PbootCMS is a new core and permanent open source free PHP enterprise website development and construction management system , is a set of efficient , simple , strong and free commercial PHP CMS source code , to meet the needs of various types of enterprise website development and construction...

7.7AI score
Exploits0
CNVD
CNVD
added 2018/08/05 12:0 a.m.5 views

SQL injection vulnerability in PbootCMS V1.1.7 Si***.php page (CNVD-2018-17749)

PbootCMS is a new core open source enterprise building system developed by Avantech. PbootCMS V1.1.7 Si.php page has a SQL injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive information in the database...

7.6AI score
Exploits0
Rows per page
Query Builder