Vulnerabilities > Pbootcms > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-19 | CVE-2024-12793 | Path Traversal vulnerability in Pbootcms A vulnerability, which was classified as problematic, has been found in PbootCMS up to 5.2.3. | 4.3 |
| 2024-01-29 | CVE-2024-1018 | Unspecified vulnerability in Pbootcms 3.2.5 A vulnerability classified as problematic has been found in PbootCMS 3.2.5-20230421. | 6.1 |
| 2021-08-12 | CVE-2020-18456 | Cross-site Scripting vulnerability in Pbootcms 1.3.7 Cross Site Scripting (XSS) vulnerability exists in PbootCMS v1.3.7 via the title parameter in the mod function in SingleController.php. | 4.8 |
| 2021-07-09 | CVE-2020-22535 | Exposure of Resource to Wrong Sphere vulnerability in Pbootcms 2.0.6 Incorrect Access Control vulnerability in PbootCMS 2.0.6 via the list parameter in the update function in upgradecontroller.php. | 6.5 |
| 2021-07-08 | CVE-2020-20363 | Cross-site Scripting vulnerability in Pbootcms 2.0.3 Crossi Site Scripting (XSS) vulnerability in PbootCMS 2.0.3 in admin.php. | 4.8 |
| 2021-06-03 | CVE-2020-21003 | Cross-site Scripting vulnerability in Pbootcms 2.0.3 Pbootcms v2.0.3 is vulnerable to Cross Site Scripting (XSS) via admin.php. | 4.8 |
| 2020-11-30 | CVE-2020-17901 | Cross-Site Request Forgery (CSRF) vulnerability in Pbootcms 1.3.2 Cross-site request forgery (CSRF) in PbootCMS 1.3.2 allows attackers to change the password of a user. | 6.5 |
| 2019-10-10 | CVE-2019-17417 | Cross-site Scripting vulnerability in Pbootcms 2.0.2 PbootCMS 2.0.2 allows XSS via vectors involving the Pboot/admin.php?p=/Single/index/mcode/1 and Pboot/?contact/ URIs. | 4.8 |
| 2019-02-07 | CVE-2019-7570 | Cross-Site Request Forgery (CSRF) vulnerability in Pbootcms 1.3.6 A CSRF vulnerability was found in PbootCMS v1.3.6 that can delete users via an admin.php/User/del/ucode/ URI. | 6.5 |