Vulnerabilities > Pbootcms

DATE CVE VULNERABILITY TITLE RISK
2024-01-29 CVE-2024-1018 Cross-site Scripting vulnerability in Pbootcms 3.2.5
A vulnerability classified as problematic has been found in PbootCMS 3.2.5-20230421.
network
low complexity
pbootcms CWE-79
6.1
2024-01-04 CVE-2023-50082 Unspecified vulnerability in Pbootcms 3.1.2
Aoyun Technology pbootcms V3.1.2 is vulnerable to Incorrect Access Control, allows remote attackers to gain sensitive information via session leakage allows a user to avoid logging into the backend management platform.
network
low complexity
pbootcms
7.5
2023-08-24 CVE-2023-39834 Command Injection vulnerability in Pbootcms
PbootCMS below v3.2.0 was discovered to contain a command injection vulnerability via create_function.
network
low complexity
pbootcms CWE-77
critical
9.8
2023-02-03 CVE-2021-37497 SQL Injection vulnerability in Pbootcms 3.0.5
SQL injection vulnerability in route of PbootCMS 3.0.5 allows remote attackers to run arbitrary SQL commands via crafted GET request.
network
low complexity
pbootcms CWE-89
critical
9.8
2022-07-14 CVE-2022-32417 Code Injection vulnerability in Pbootcms 3.1.2
PbootCMS v3.1.2 was discovered to contain a remote code execution (RCE) vulnerability via the function parserIfLabel at function.php.
network
low complexity
pbootcms CWE-94
critical
9.8
2022-06-02 CVE-2020-20971 Cross-Site Request Forgery (CSRF) vulnerability in Pbootcms 2.0.3
Cross Site Request Forgery (CSRF) vulnerability in PbootCMS v2.0.3 via /admin.php?p=/User/index.
network
low complexity
pbootcms CWE-352
8.8
2021-08-12 CVE-2020-18456 Cross-site Scripting vulnerability in Pbootcms 1.3.7
Cross Site Scripting (XSS) vulnerability exists in PbootCMS v1.3.7 via the title parameter in the mod function in SingleController.php.
network
low complexity
pbootcms CWE-79
4.8
2021-07-09 CVE-2020-22535 Exposure of Resource to Wrong Sphere vulnerability in Pbootcms 2.0.6
Incorrect Access Control vulnerability in PbootCMS 2.0.6 via the list parameter in the update function in upgradecontroller.php.
network
low complexity
pbootcms CWE-668
6.5
2021-07-08 CVE-2020-23580 Unspecified vulnerability in Pbootcms 2.0.8
Remote Code Execution vulnerability in PbootCMS 2.0.8 in the message board.
network
low complexity
pbootcms
critical
9.8
2021-07-08 CVE-2020-20363 Cross-site Scripting vulnerability in Pbootcms 2.0.3
Crossi Site Scripting (XSS) vulnerability in PbootCMS 2.0.3 in admin.php.
network
low complexity
pbootcms CWE-79
4.8