📦 Pbootcms

CVE-2021-37497 is a critical SQL injection vulnerability in PbootCMS 3.0.5 that allows remote attackers to execute arbitrary SQL commands via crafted GET requests. This affects all organizations runni...

PbootCMS v3.1.2 contains a remote code execution vulnerability in the parserIfLabel function that allows attackers to execute arbitrary code on affected systems. This affects all installations running...

CVE-2020-23580 is a remote code execution vulnerability in PbootCMS 2.0.8 that allows attackers to execute arbitrary code through the message board functionality. This affects all installations runnin...

CVE-2023-50082 is an incorrect access control vulnerability in Aoyun Technology pbootcms V3.1.2 that allows remote attackers to bypass authentication and access the backend management platform without...

PbootCMS 3.0.4 contains a SQL injection vulnerability in the search parameter of index.php that allows attackers to execute arbitrary SQL commands. This can lead to unauthorized data access, including...

This vulnerability in PbootCMS allows attackers to spoof IP addresses by manipulating the X-Forwarded-For header. The system incorrectly trusts this header value for user IP identification, enabling I...

This SQL injection vulnerability in PbootCMS 1.4.1 allows attackers to inject malicious SQL code through template parsing. Attackers can contaminate template content via search page URLs, which gets e...

This CVE-2024-12793 is a path traversal vulnerability in PbootCMS that allows attackers to access files outside the intended directory by manipulating the 'tag' parameter. It affects PbootCMS versions...

This vulnerability in PbootCMS allows attackers to access sensitive files or directories through manipulation of the SQLite database file. It affects PbootCMS installations up to version 3.2.12. The a...