392 matches found
CVE-2025-29389
PbootCMS v3.2.9 contains a XSS vulnerability in admin.php?p=/Content/index/mcode/2tab=t2...
PT-2025-15698 · Pbootcms · Pbootcms
Name of the Vulnerable Software and Affected Versions: PbootCMS version 3.2.9 Description: The issue is related to a XSS vulnerability. It affects the "admin.php?p=/Content/index/mcode/2tab=t2" endpoint. Recommendations: For PbootCMS version 3.2.9, update to a version that fixes this issue, as th...
CVE-2020-19248
SQL Injection vulnerability in PbootCMS 1.4.1 in parsing if statements in templates, resulting in a malicious user's ability to contaminate template content by searching for page contamination URLs, thus triggering vulnerabilities when the program uses eval statements to parse templates...
CVE-2020-19248
SQL Injection vulnerability in PbootCMS 1.4.1 in parsing if statements in templates, resulting in a malicious user's ability to contaminate template content by searching for page contamination URLs, thus triggering vulnerabilities when the program uses eval statements to parse templates...
CVE-2020-19248
SQL Injection vulnerability in PbootCMS 1.4.1 in parsing if statements in templates, resulting in a malicious user's ability to contaminate template content by searching for page contamination URLs, thus triggering vulnerabilities when the program uses eval statements to parse templates...
CVE-2020-19248
SQL Injection vulnerability in PbootCMS 1.4.1 in parsing if statements in templates, resulting in a malicious user's ability to contaminate template content by searching for page contamination URLs, thus triggering vulnerabilities when the program uses eval statements to parse templates...
CVE-2020-19248
SQL Injection vulnerability in PbootCMS 1.4.1 in parsing if statements in templates, resulting in a malicious user's ability to contaminate template content by searching for page contamination URLs, thus triggering vulnerabilities when the program uses eval statements to parse templates...
CVE-2020-19248
The CVE-2020-19248 entry describes a SQL Injection in PbootCMS 1.4.1 tied to template parsing of if statements, where a malicious user can contaminate template content by crafting page-contamination URLs that trigger eval-based template parsing. Affected software: PbootCMS 1.4.1 (PHP). Root cause...
PbootCMS 安全漏洞
PbootCMS is a PbootCMS open source content management system CMS for building websites for open source businesses using the PHP language. A security vulnerability exists in PbootCMS version 1.4.1, which stems from improper template parsing and leads to SQL injection...
PbootCMS Code Injection Vulnerability (CNVD-2025-0171060)
PbootCMS is PbootCMS open source an open source enterprise building content management system CMS developed using the PHP language. PbootCMS version 3.2.3 and earlier versions of the code injection vulnerability exists , the vulnerability stems from apps/home/controller/IndexController.php page t...
CVE-2024-12793
A vulnerability, which was classified as problematic, has been found in PbootCMS up to 5.2.3. Affected by this issue is some unknown functionality of the file apps/home/controller/IndexController.php. The manipulation of the argument tag leads to path traversal. The attack may be launched remotel...
CVE-2024-12793
A vulnerability, which was classified as problematic, has been found in PbootCMS up to 5.2.3. Affected by this issue is some unknown functionality of the file apps/home/controller/IndexController.php. The manipulation of the argument tag leads to path traversal. The attack may be launched remotel...
CVE-2024-12793 PbootCMS IndexController.php path traversal
A vulnerability, which was classified as problematic, has been found in PbootCMS up to 5.2.3. Affected by this issue is some unknown functionality of the file apps/home/controller/IndexController.php. The manipulation of the argument tag leads to path traversal. The attack may be launched remotel...
CVE-2024-12793
PbootCMS up to 5.2.3 contains a path traversal vulnerability in the code path apps/home/controller/IndexController.php via manipulation of the tag parameter. The issue may be exploitable remotely and the public disclosure suggests an attacker could craft requests to reach restricted paths. Remedi...
CVE-2024-12793 PbootCMS IndexController.php path traversal
A vulnerability, which was classified as problematic, has been found in PbootCMS up to 5.2.3. Affected by this issue is some unknown functionality of the file apps/home/controller/IndexController.php. The manipulation of the argument tag leads to path traversal. The attack may be launched remotel...
CVE-2024-12789
A vulnerability was found in PbootCMS up to 3.2.3. It has been classified as critical. This affects an unknown part of the file apps/home/controller/IndexController.php. The manipulation of the argument tag leads to code injection. It is possible to initiate the attack remotely. The exploit has...
CVE-2024-12789
A vulnerability was found in PbootCMS up to 3.2.3. It has been classified as critical. This affects an unknown part of the file apps/home/controller/IndexController.php. The manipulation of the argument tag leads to code injection. It is possible to initiate the attack remotely. The exploit has...
CVE-2024-12789 PbootCMS IndexController.php code injection
A vulnerability was found in PbootCMS up to 3.2.3. It has been classified as critical. This affects an unknown part of the file apps/home/controller/IndexController.php. The manipulation of the argument tag leads to code injection. It is possible to initiate the attack remotely. The exploit has...
CVE-2024-12789
PbootCMS versions up to 3.2.3 contain a code injection vulnerability in an unspecified portion of apps/home/controller/IndexController.php. The issue arises from improper handling of the tag parameter, enabling arbitrary code execution and remote exploitation. The vulnerability has been publicly ...
CVE-2024-12789 PbootCMS IndexController.php code injection
A vulnerability was found in PbootCMS up to 3.2.3. It has been classified as critical. This affects an unknown part of the file apps/home/controller/IndexController.php. The manipulation of the argument tag leads to code injection. It is possible to initiate the attack remotely. The exploit has...