RSS   Vulnerabilities for 'Pbootcms'   RSS

2022-07-14
 
CVE-2022-32417

CWE-94
 

 
PbootCMS v3.1.2 was discovered to contain a remote code execution (RCE) vulnerability via the function parserIfLabel at function.php.

 
2022-06-02
 
CVE-2020-20971

CWE-352
 

 
Cross Site Request Forgery (CSRF) vulnerability in PbootCMS v2.0.3 via /admin.php?p=/User/index.

 
2021-08-12
 
CVE-2020-18456

CWE-79
 

 
Cross Site Scripting (XSS) vulnerability exists in PbootCMS v1.3.7 via the title parameter in the mod function in SingleController.php.

 
2021-07-09
 
CVE-2020-22535

CWE-668
 

 
Incorrect Access Control vulnerability in PbootCMS 2.0.6 via the list parameter in the update function in upgradecontroller.php.

 
2021-07-08
 
CVE-2020-20363

CWE-79
 

 
Crossi Site Scripting (XSS) vulnerability in PbootCMS 2.0.3 in admin.php.

 
 
CVE-2020-23580

NVD-CWE-noinfo
 

 
Remote Code Execution vulnerability in PbootCMS 2.0.8 in the message board.

 
2021-06-03
 
CVE-2020-21003

CWE-79
 

 
Pbootcms v2.0.3 is vulnerable to Cross Site Scripting (XSS) via admin.php.

 
2021-03-31
 
CVE-2021-28245

CWE-89
 

 
PbootCMS 3.0.4 contains a SQL injection vulnerability through index.php via the search parameter that can reveal sensitive information through adding an admin account.

 
2020-11-30
 
CVE-2020-17901

CWE-352
 

 
Cross-site request forgery (CSRF) in PbootCMS 1.3.2 allows attackers to change the password of a user.

 
2020-03-02
 
CVE-2018-16357

CWE-89
 

 
An issue was discovered in PbootCMS. There is a SQL injection via the api.php/Cms/search order parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top