Vulnerabilities > Pbootcms
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-29 | CVE-2024-1018 | Cross-site Scripting vulnerability in Pbootcms 3.2.5 A vulnerability classified as problematic has been found in PbootCMS 3.2.5-20230421. | 6.1 |
| 2024-01-04 | CVE-2023-50082 | Unspecified vulnerability in Pbootcms 3.1.2 Aoyun Technology pbootcms V3.1.2 is vulnerable to Incorrect Access Control, allows remote attackers to gain sensitive information via session leakage allows a user to avoid logging into the backend management platform. | 7.5 |
| 2023-08-24 | CVE-2023-39834 | Command Injection vulnerability in Pbootcms PbootCMS below v3.2.0 was discovered to contain a command injection vulnerability via create_function. | 9.8 |
| 2023-02-03 | CVE-2021-37497 | SQL Injection vulnerability in Pbootcms 3.0.5 SQL injection vulnerability in route of PbootCMS 3.0.5 allows remote attackers to run arbitrary SQL commands via crafted GET request. | 9.8 |
| 2022-07-14 | CVE-2022-32417 | Code Injection vulnerability in Pbootcms 3.1.2 PbootCMS v3.1.2 was discovered to contain a remote code execution (RCE) vulnerability via the function parserIfLabel at function.php. | 9.8 |
| 2022-06-02 | CVE-2020-20971 | Cross-Site Request Forgery (CSRF) vulnerability in Pbootcms 2.0.3 Cross Site Request Forgery (CSRF) vulnerability in PbootCMS v2.0.3 via /admin.php?p=/User/index. | 8.8 |
| 2021-08-12 | CVE-2020-18456 | Cross-site Scripting vulnerability in Pbootcms 1.3.7 Cross Site Scripting (XSS) vulnerability exists in PbootCMS v1.3.7 via the title parameter in the mod function in SingleController.php. | 4.8 |
| 2021-07-09 | CVE-2020-22535 | Exposure of Resource to Wrong Sphere vulnerability in Pbootcms 2.0.6 Incorrect Access Control vulnerability in PbootCMS 2.0.6 via the list parameter in the update function in upgradecontroller.php. | 6.5 |
| 2021-07-08 | CVE-2020-23580 | Unspecified vulnerability in Pbootcms 2.0.8 Remote Code Execution vulnerability in PbootCMS 2.0.8 in the message board. | 9.8 |
| 2021-07-08 | CVE-2020-20363 | Cross-site Scripting vulnerability in Pbootcms 2.0.3 Crossi Site Scripting (XSS) vulnerability in PbootCMS 2.0.3 in admin.php. | 4.8 |