CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-39834
https://notcve.org/view.php?id=CVE-2023-39834
PbootCMS below v3.2.0 was discovered to contain a command injection vulnerability via create_function. • https://github.com/Pbootcms/Pbootcms/issues/8 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-18450
https://notcve.org/view.php?id=CVE-2018-18450
apps\admin\controller\content\SingleController.php in PbootCMS before V1.3.0 build 2018-11-12 has SQL Injection, as demonstrated by the POST data to the admin.php/Single/mod/mcode/1/id/3 URI. apps\admin\controller\content\SingleController.php en PbootCMS en versiones anteriores a la V1.3.0 build 12/11/2018 tiene una inyección SQL, tal y como queda demostrado con los datos POST en el URI admin.php/Single/mod/mcode/1/id/3. • http://www.ttk7.cn/post-96.html https://www.pbootcms.com/changelog.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-11369
https://notcve.org/view.php?id=CVE-2018-11369
An issue was discovered in PbootCMS v1.0.9. There is a SQL Injection that can get important information from the database via the \apps\home\controller\ParserController.php scode parameter. Se ha descubierto un problema en PbootCMS v1.0.9. Hay una inyección SQL que puede conseguir información importante de la base de datos mediante el parámetro scode en \apps\home\controller\ParserController.php. • https://gitee.com/hnaoyun/PbootCMS/issues/IJZ1E • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •