Pbootcms

Pbootcms

40 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.3

CVE-2026-4514

Exploit
  • EPSS 0.04%
  • Veröffentlicht 21.03.2026 10:32:09
  • Zuletzt bearbeitet 23.03.2026 14:31:37

A flaw has been found in PbootCMS up to 3.2.12. Affected by this issue is some unknown functionality of the file apps/admin/controller/system/UserController.php of the component Backend. Executing a manipulation of the argument Field can lead to impr...

4.3

CVE-2026-4510

  • EPSS 0.03%
  • Veröffentlicht 21.03.2026 07:16:10
  • Zuletzt bearbeitet 23.03.2026 14:31:37

A weakness has been identified in PbootCMS up to 3.2.12. This impacts the function alert_location of the file apps/home/controller/MemberController.php of the component Parameter Handler. This manipulation of the argument backurl causes cross site sc...

6.3

CVE-2026-4509

Exploit
  • EPSS 0.05%
  • Veröffentlicht 21.03.2026 06:02:10
  • Zuletzt bearbeitet 23.03.2026 14:31:37

A security flaw has been discovered in PbootCMS up to 3.2.12. This affects an unknown function of the file core/function/file.php of the component File Upload. The manipulation of the argument black results in incomplete blacklist. The attack may be ...

7.3

CVE-2026-4508

Exploit
  • EPSS 0.04%
  • Veröffentlicht 20.03.2026 22:32:10
  • Zuletzt bearbeitet 23.03.2026 14:32:02

A vulnerability was identified in PbootCMS up to 3.2.12. The impacted element is the function checkUsername of the file apps/home/controller/MemberController.php of the component Member Login. The manipulation of the argument Username leads to sql in...

5.3

CVE-2025-15154

Exploit
  • EPSS 0.06%
  • Veröffentlicht 28.12.2025 21:02:07
  • Zuletzt bearbeitet 30.12.2025 19:02:50

A security vulnerability has been detected in PbootCMS up to 3.2.12. The affected element is the function get_user_ip of the file core/function/handle.php of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to use ...

5.9

CVE-2025-15153

Exploit
  • EPSS 0.06%
  • Veröffentlicht 28.12.2025 20:32:07
  • Zuletzt bearbeitet 24.02.2026 07:16:59

A weakness has been identified in PbootCMS up to 3.2.12. Impacted is an unknown function of the file /data/pbootcms.db of the component SQLite Database. Executing a manipulation can lead to files or directories accessible. It is possible to launch th...

8.8

CVE-2025-46109

Exploit
  • EPSS 0.15%
  • Veröffentlicht 18.06.2025 15:15:27
  • Zuletzt bearbeitet 26.06.2025 15:51:06

SQL Injection vulnerability in pbootCMS v.3.2.5 and v.3.2.10 allows a remote attacker to obtain sensitive information via a crafted GET request

6.5

CVE-2025-3787

Exploit
  • EPSS 0.26%
  • Veröffentlicht 18.04.2025 09:31:04
  • Zuletzt bearbeitet 23.04.2025 17:52:33

A vulnerability was found in PbootCMS 3.2.5. It has been classified as problematic. Affected is an unknown function of the component Image Handler. The manipulation leads to server-side request forgery. It is possible to launch the attack remotely. T...

6.1

CVE-2025-29389

Exploit
  • EPSS 0.18%
  • Veröffentlicht 09.04.2025 15:16:02
  • Zuletzt bearbeitet 15.04.2025 13:42:23

PbootCMS v3.2.9 contains a XSS vulnerability in admin.php?p=/Content/index/mcode/2#tab=t2.

5.1

CVE-2020-19248

Exploit
  • EPSS 0.04%
  • Veröffentlicht 21.02.2025 19:15:10
  • Zuletzt bearbeitet 07.04.2025 15:05:33

SQL Injection vulnerability in PbootCMS 1.4.1 in parsing if statements in templates, resulting in a malicious user's ability to contaminate template content by searching for page contamination URLs, thus triggering vulnerabilities when the program us...