Known Vulnerabilities for products from Pbootcms
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Pbootcms".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-4514 json | Not Provided | 2026-03-21 | 2026-03-23 | |
| CVE-2026-4510 json | Not Provided | 2026-03-21 | 2026-03-23 | |
| CVE-2026-4509 json | Not Provided | 2026-03-21 | 2026-03-24 | |
| CVE-2026-4508 json | Not Provided | 2026-03-20 | 2026-03-24 | |
| CVE-2025-15153 json | A weakness has been identified in PbootCMS up to 3.2.12. Impacted is an unknown function of the file /data/pbootcms.db of the... | Not Provided | 2025-12-28 | 2026-04-29 |
| CVE-2024-1018 json | 6.1 - MEDIUM | 2024-01-29 | 2024-02-05 | |
| CVE-2023-39834 json | PbootCMS below v3.2.0 was discovered to contain a command injection vulnerability via create_function. | 9.8 - CRITICAL | 2023-08-24 | 2023-08-29 |
| CVE-2022-32417 json | PbootCMS v3.1.2 was discovered to contain a remote code execution (RCE) vulnerability via the function parserIfLabel at funct... | 9.8 - CRITICAL | 2022-07-14 | 2022-07-18 |
| CVE-2021-37497 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2023-02-03 | 2023-02-10 |
| CVE-2021-28245 json | PbootCMS 3.0.4 contains a SQL injection vulnerability through index.php via the search parameter that can reveal sensitive in... | 7.5 - HIGH | 2021-03-31 | 2021-04-05 |
| CVE-2020-23580 json | Remote Code Execution vulnerability in PbootCMS 2.0.8 in the message board. | 9.8 - CRITICAL | 2021-07-08 | 2021-07-15 |
| CVE-2020-22535 json | Incorrect Access Control vulnerability in PbootCMS 2.0.6 via the list parameter in the update function in upgradecontroller.p... | 6.5 - MEDIUM | 2021-07-09 | 2021-07-13 |
| CVE-2020-21003 json | Pbootcms v2.0.3 is vulnerable to Cross Site Scripting (XSS) via admin.php. | 4.8 - MEDIUM | 2021-06-03 | 2021-06-10 |
| CVE-2020-20971 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2022-06-02 | 2022-06-10 |
| CVE-2020-20363 json | Crossi Site Scripting (XSS) vulnerability in PbootCMS 2.0.3 in admin.php. | 4.8 - MEDIUM | 2021-07-08 | 2021-07-12 |
| CVE-2020-18456 json | Cross Site Scripting (XSS) vulnerability exists in PbootCMS v1.3.7 via the title parameter in the mod function in SingleContr... | 4.8 - MEDIUM | 2021-08-12 | 2021-08-16 |
| CVE-2020-17901 json | Cross-site request forgery (CSRF) in PbootCMS 1.3.2 allows attackers to change the password of a user. | 6.5 - MEDIUM | 2020-11-30 | 2020-12-01 |
| CVE-2019-17417 json | PbootCMS 2.0.2 allows XSS via vectors involving the Pboot/admin.php?p=/Single/index/mcode/1 and Pboot/?contact/ URIs. | 4.8 - MEDIUM | 2019-10-10 | 2019-10-11 |
| CVE-2019-8422 json | A SQL Injection vulnerability exists in PbootCMS v1.3.2 via the description parameter in apps\admin\controller\content\Conten... | 7.2 - HIGH | 2019-02-17 | 2019-02-19 |
| CVE-2019-7570 json | A CSRF vulnerability was found in PbootCMS v1.3.6 that can delete users via an admin.php/User/del/ucode/ URI. | 6.5 - MEDIUM | 2019-02-07 | 2019-02-07 |
Known software with vulnerabilities from Pbootcms
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Pbootcms | Pbootcms | - |