CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

393 matches found

OSV•added 2019/10/10 1:6 a.m.•2 views

CVE-2019-17417

PbootCMS 2.0.2 allows XSS via vectors involving the Pboot/admin.php?p=/Single/index/mcode/1 and Pboot/?contact/ URIs...

4.8CVSS5.8AI score

Exploits0References1

NVD•added 2019/10/10 1:6 a.m.•10 views

CVE-2019-17417

PbootCMS 2.0.2 allows XSS via vectors involving the Pboot/admin.php?p=/Single/index/mcode/1 and Pboot/?contact/ URIs...

4.8CVSS4.8AI score0.00646EPSS

Exploits1References1

Prion•added 2019/10/10 1:6 a.m.•13 views

Cross site scripting

PbootCMS 2.0.2 allows XSS via vectors involving the Pboot/admin.php?p=/Single/index/mcode/1 and Pboot/?contact/ URIs...

3.5CVSS4.8AI score0.00646EPSS

Exploits1References1Affected Software1

CNVD•added 2019/10/10 12:0 a.m.•2 views

PbootCMS Cross-Site Scripting Vulnerability

PbootCMS is a new core open source enterprise building system developed by Avantech. A cross-site scripting vulnerability exists in PbootCMS 2.0.2, which can be exploited to conduct cross-site scripting attacks via routes involving Pboot/admin.php?p=/Single/index/mcode/1 and Pboot/?contact/ URI...

4.8CVSS6.3AI score0.00646EPSS

Exploits1References1

CVE•added 2019/10/09 10:30 p.m.•113 views

CVE-2019-17417

PbootCMS 2.0.2 is reported vulnerable to cross-site scripting (XSS) via routes such as Pboot/admin.php?p=/Single/index/mcode/1 and Pboot/?contact/. The root cause is a reflected/Stored XSS vector in these URIs that allows injection of malicious scripts within the context of authenticated or unaut...

4.8CVSS4.7AI score0.00646EPSS

Exploits1References1Affected Software1

Cvelist•added 2019/10/09 10:30 p.m.•16 views

CVE-2019-17417

PbootCMS 2.0.2 allows XSS via vectors involving the Pboot/admin.php?p=/Single/index/mcode/1 and Pboot/?contact/ URIs...

4.8AI score0.00646EPSS

Exploits1References1

CNVD•added 2019/07/30 12:0 a.m.•4 views

Command execution vulnerability in PbootCMS v1.4.1 frontend search page template

PbootCMS is a new core and permanent open source free PHP enterprise website development and construction management system, is a set of efficient, simple, strong and free commercial PHP CMS source code. PbootCMSv1.4.1 front-end search page templates have a command execution vulnerability that ca...

7.3AI score

Exploits0

CNVD•added 2019/04/28 12:0 a.m.•3 views

Remote Code Execution Vulnerability in PbootCMS V1.3.8 Backend

PbootCMS is a PHP enterprise web development and construction management system developed by Avantech. PbootCMS V1.3.8 remote code execution vulnerability exists in the background, attackers can use the vulnerability to obtain control of the web server...

8.2AI score

Exploits0

OSV•added 2019/02/17 10:29 p.m.•1 views

CVE-2019-8422

A SQL Injection vulnerability exists in PbootCMS v1.3.2 via the description parameter in apps\admin\controller\content\ContentController.php...

7.2CVSS7.2AI score0.01298EPSS

Exploits1References1

Prion•added 2019/02/17 10:29 p.m.•12 views

Sql injection

A SQL Injection vulnerability exists in PbootCMS v1.3.2 via the description parameter in apps\admin\controller\content\ContentController.php...

6.5CVSS7.4AI score0.01298EPSS

Exploits1References1Affected Software1

NVD•added 2019/02/17 10:29 p.m.•18 views

CVE-2019-8422

A SQL Injection vulnerability exists in PbootCMS v1.3.2 via the description parameter in apps\admin\controller\content\ContentController.php...

7.2CVSS7.5AI score0.01298EPSS

Exploits1References1

Cvelist•added 2019/02/17 10:0 p.m.•18 views

CVE-2019-8422

A SQL Injection vulnerability exists in PbootCMS v1.3.2 via the description parameter in apps\admin\controller\content\ContentController.php...

7.5AI score0.01298EPSS

Exploits1References1

CVE•added 2019/02/17 10:0 p.m.•40 views

CVE-2019-8422

CVE-2019-8422 affects PbootCMS v1.3.2 via the description parameter in apps\admin\controller\content\ContentController.php, enabling SQL Injection . Connected sources report a base CVSS v3.0 score of 7.2 (HIGH) with network attack vector, low attack complexity, and impacts to confidentiality, int...

7.2CVSS7.4AI score0.01298EPSS

Exploits1References1Affected Software1

Prion•added 2019/02/07 7:29 a.m.•13 views

Cross site request forgery (csrf)

A CSRF vulnerability was found in PbootCMS v1.3.6 that can delete users via an admin.php/User/del/ucode/ URI...

5.8CVSS6.5AI score0.00544EPSS

Exploits1References1Affected Software1

NVD•added 2019/02/07 7:29 a.m.•20 views

CVE-2019-7570

A CSRF vulnerability was found in PbootCMS v1.3.6 that can delete users via an admin.php/User/del/ucode/ URI...

6.5CVSS6.5AI score0.00544EPSS

Exploits1References1

OSV•added 2019/02/07 7:29 a.m.•2 views

CVE-2019-7570

A CSRF vulnerability was found in PbootCMS v1.3.6 that can delete users via an admin.php/User/del/ucode/ URI...

6.5CVSS6.6AI score0.00544EPSS

Exploits1References1

Cvelist•added 2019/02/07 7:0 a.m.•15 views

CVE-2019-7570

A CSRF vulnerability was found in PbootCMS v1.3.6 that can delete users via an admin.php/User/del/ucode/ URI...

6.5AI score0.00544EPSS

Exploits1References1

CVE•added 2019/02/07 7:0 a.m.•41 views

CVE-2019-7570

CVE-2019-7570 applies to PbootCMS v1.3.6, describing a Cross-Site Request Forgery (CSRF) vulnerability that allows an attacker to delete user accounts via the admin.php/User/del/ucode/ endpoint. The connected sources confirm the affected product/version and the targeted action, with no additional...

6.5CVSS6.5AI score0.00544EPSS

Exploits1References1Affected Software1

CNVD•added 2018/12/20 12:0 a.m.•1 views

SQL Injection Vulnerability in PbootCMS Backend

PbootCMS is a new core open source enterprise building system developed by Avantech. There is a SQL injection vulnerability in PbootCMS backend. Attackers can use this vulnerability to obtain sensitive information in the database...

7.7AI score

Exploits0

OSV•added 2018/12/06 3:29 a.m.•2 views

CVE-2018-19893

SearchController.php in PbootCMS 1.2.1 has SQL injection via the index.php/Search/index.html query string...

9.8CVSS5.8AI score0.01135EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by