Filtered by vendor Pbootcms
Subscriptions
Total
27 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-18450 | 1 Pbootcms | 1 Pbootcms | 2019-03-07 | N/A |
| apps\admin\controller\content\SingleController.php in PbootCMS before V1.3.0 build 2018-11-12 has SQL Injection, as demonstrated by the POST data to the admin.php/Single/mod/mcode/1/id/3 URI. | ||||
| CVE-2019-8422 | 1 Pbootcms | 1 Pbootcms | 2019-02-19 | N/A |
| A SQL Injection vulnerability exists in PbootCMS v1.3.2 via the description parameter in apps\admin\controller\content\ContentController.php. | ||||
| CVE-2019-7570 | 1 Pbootcms | 1 Pbootcms | 2019-02-07 | N/A |
| A CSRF vulnerability was found in PbootCMS v1.3.6 that can delete users via an admin.php/User/del/ucode/ URI. | ||||
| CVE-2018-19893 | 1 Pbootcms | 1 Pbootcms | 2018-12-26 | N/A |
| SearchController.php in PbootCMS 1.2.1 has SQL injection via the index.php/Search/index.html query string. | ||||
| CVE-2018-19053 | 1 Pbootcms | 1 Pbootcms | 2018-12-12 | N/A |
| PbootCMS 1.2.2 allows remote attackers to execute arbitrary PHP code by specifying a .php filename in a "SET GLOBAL general_log_file" statement, followed by a SELECT statement containing this PHP code. | ||||
| CVE-2018-18211 | 1 Pbootcms | 1 Pbootcms | 2018-11-26 | N/A |
| PbootCMS 1.2.1 has SQL injection via the HTTP POST data to the api.php/cms/addform?fcode=1 URI. | ||||
| CVE-2018-11018 | 1 Pbootcms | 1 Pbootcms | 2018-06-18 | N/A |
| An issue was discovered in PbootCMS v1.0.7. Cross-site request forgery (CSRF) vulnerability in apps/admin/controller/system/RoleController.php allows remote attackers to add administrator accounts via admin.php/role/add.html. | ||||