CVE-2025-15153

3.7 LOW

📋 TL;DR

This vulnerability in PbootCMS allows attackers to access sensitive files or directories through manipulation of the SQLite database file. It affects PbootCMS installations up to version 3.2.12. The attack can be launched remotely but requires significant complexity to execute successfully.

💻 Affected Systems

Products:
  • PbootCMS
Versions: Up to and including 3.2.12
Operating Systems: All platforms running PbootCMS
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in the SQLite database component and affects all default installations.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Unauthorized access to sensitive database files containing user credentials, configuration data, or other confidential information, potentially leading to data breach or system compromise.

🟠 Likely Case

Limited information disclosure through database file access, potentially exposing configuration details or partial data.

🟢 If Mitigated

Minimal impact with proper file permissions and access controls preventing database manipulation.

🌐 Internet-Facing: MEDIUM - Attack can be launched remotely but exploit complexity is high, reducing immediate risk.
🏢 Internal Only: LOW - Requires specific conditions and complex manipulation to exploit.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: HIGH

Exploit details are publicly available but attacks are described as highly complex and difficult to execute.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not available

Restart Required: No

Instructions:

1. Monitor PbootCMS official channels for security updates.
2. Apply any available patches immediately when released.
3. Consider upgrading to the latest version when available.

🔧 Temporary Workarounds

Restrict database file permissions (Linux)

Set strict file permissions on the SQLite database file to prevent unauthorized access.

chmod 600 /path/to/data/pbootcms.db
chown www-data:www-data /path/to/data/pbootcms.db

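Web server configuration hardening (all platforms)

Configure the web server to deny direct access to database files.

Add 'Deny from all' to .htaccess in the data directory for Apache (on Apache 2.4 without mod_access_compat, the equivalent directive is 'Require all denied')
Add 'location ~ \.db$ { deny all; }' to the nginx config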

🧯 If You Can't Patch

  • Implement strict file system permissions on the data directory and database files
  • Deploy web application firewall (WAF) rules to block database file access attempts

🔍 How to Verify

Check if Vulnerable:

Check the PbootCMS version in the admin panel or by examining the version files. If the version is 3.2.12 or earlier, the system is vulnerable.

Check Version:

Check admin panel or examine /app/config/version.php for version information

Verify Fix Applied:

Verify that the database file permissions are set to 600 and that the file is owned by the web server user. Test that direct access to /data/pbootcms.db returns a 403 or 404 error.

📡 Detection & Monitoring

Log Indicators:

  • Access attempts to /data/pbootcms.db in web server logs
  • SQLite error messages indicating file access issues
  • Unusual database read operations

Network Indicators:

  • HTTP requests attempting to access database files directly
  • Patterns of requests to data directory

SIEM Query:

source="web_server" AND (uri="/data/pbootcms.db" OR uri LIKE "/data/%.db")
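
The log indicator and SIEM query above can also be applied directly to access logs. The following is an added example, not code from PbootCMS or from this advisory's source: it assumes Combined Log Format and the default /data/ layout, and it goes slightly beyond the query by decoding and normalizing the request path and by using the status code to tell a served database file from a blocked request. The log lines are constructed samples.

```python
import posixpath
import re
from urllib.parse import unquote, urlsplit

# Combined Log Format: ip - user [time] "METHOD target PROTO" status size ...
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')
# Same scope as the SIEM query: any .db file under /data/ (assumed default layout)
DB_RE = re.compile(r'^/data/.+\.db$', re.IGNORECASE)

def classify(line):
    """Return (client, path, verdict) for a database-file request, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    client, _method, target, status = m.groups()
    # Drop the query string, decode %xx escapes and collapse ./ and ../
    # so that differently written paths to the same file still match.
    path = posixpath.normpath(unquote(urlsplit(target).path))
    if not DB_RE.match(path):
        return None
    # 2xx: the server handed the file out; 403/404: the deny rule held.
    if status.startswith("2"):
        verdict = "EXPOSED"
    elif status in ("403", "404"):
        verdict = "BLOCKED"
    else:
        verdict = "REVIEW"
    return client, path, verdict

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE = [
    '203.0.113.7 - - [10/Jan/2026:10:00:01 +0000] "GET /data/pbootcms.db HTTP/1.1" 200 4194304 "-" "curl/8.5.0"',
    '203.0.113.7 - - [10/Jan/2026:10:00:05 +0000] "GET /data/%70bootcms.db?x=1 HTTP/1.1" 403 153 "-" "curl/8.5.0"',
    '198.51.100.9 - - [10/Jan/2026:10:01:00 +0000] "GET /static/../data/backup.DB HTTP/1.1" 404 153 "-" "-"',
    '198.51.100.9 - - [10/Jan/2026:10:02:00 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
]

def scan(lines):
    """Return every database-file request found in the given log lines."""
    return [hit for hit in map(classify, lines) if hit]

if __name__ == "__main__":
    for client, path, verdict in scan(SAMPLE):
        print(f"{verdict:8} {client:15} {path}")
```

An EXPOSED verdict means the workarounds above are not in effect for that path and the database contents should be treated as disclosed.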
