Vulnerabilities > Pbootcms
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-09 | CVE-2020-22535 | Exposure of Resource to Wrong Sphere vulnerability in Pbootcms 2.0.6 Incorrect Access Control vulnerability in PbootCMS 2.0.6 via the list parameter in the update function in upgradecontroller.php. | 6.5 |
| 2021-07-08 | CVE-2020-23580 | Unspecified vulnerability in Pbootcms 2.0.8 Remote Code Execution vulnerability in PbootCMS 2.0.8 in the message board. | 9.8 |
| 2021-07-08 | CVE-2020-20363 | Cross-site Scripting vulnerability in Pbootcms 2.0.3 Crossi Site Scripting (XSS) vulnerability in PbootCMS 2.0.3 in admin.php. | 4.8 |
| 2021-06-03 | CVE-2020-21003 | Cross-site Scripting vulnerability in Pbootcms 2.0.3 Pbootcms v2.0.3 is vulnerable to Cross Site Scripting (XSS) via admin.php. | 4.8 |
| 2021-03-31 | CVE-2021-28245 | SQL Injection vulnerability in Pbootcms 3.0.4 PbootCMS 3.0.4 contains a SQL injection vulnerability through index.php via the search parameter that can reveal sensitive information through adding an admin account. | 7.5 |
| 2020-11-30 | CVE-2020-17901 | Cross-Site Request Forgery (CSRF) vulnerability in Pbootcms 1.3.2 Cross-site request forgery (CSRF) in PbootCMS 1.3.2 allows attackers to change the password of a user. | 6.5 |
| 2020-03-02 | CVE-2018-16357 | SQL Injection vulnerability in Pbootcms An issue was discovered in PbootCMS. | 9.8 |
| 2020-03-02 | CVE-2018-16356 | SQL Injection vulnerability in Pbootcms An issue was discovered in PbootCMS. | 9.8 |
| 2019-10-10 | CVE-2019-17417 | Cross-site Scripting vulnerability in Pbootcms 2.0.2 PbootCMS 2.0.2 allows XSS via vectors involving the Pboot/admin.php?p=/Single/index/mcode/1 and Pboot/?contact/ URIs. | 4.8 |
| 2019-02-17 | CVE-2019-8422 | SQL Injection vulnerability in Pbootcms 1.3.2 A SQL Injection vulnerability exists in PbootCMS v1.3.2 via the description parameter in apps\admin\controller\content\ContentController.php. | 7.2 |