Pbootcms
Monthly
Weak password recovery in PbootCMS up to 3.2.12 allows remote unauthenticated attackers to take over user accounts by manipulating the `checkcode`, `username`, `password`, and `email` parameters in the `retrieve` function of `apps/home/controller/MemberController.php`. The recovery mechanism fails to adequately validate or protect the verification token, enabling bypass of the intended authentication challenge during the password reset flow. A public proof-of-concept exploit explicitly titled 'Account-Takeover' is available on GitHub, elevating the realistic risk beyond the conservative base score of 6.9.
A weakness has been identified in PbootCMS up to 3.2.12. Impacted is an unknown function of the file /data/pbootcms.db of the component SQLite Database. Executing a manipulation can lead to files or directories accessible. It is possible to launch the attack remotely. Attacks of this nature are highly complex. The exploitability is considered difficult. The exploit has been made available to the public and could be used for attacks. Modifying the configuration settings is advised.
SQL Injection vulnerability in pbootCMS versions 3.2.5 and 3.2.10 that allows unauthenticated remote attackers to execute arbitrary SQL queries via crafted GET requests, potentially leading to unauthorized data disclosure, modification, or system compromise. With a CVSS score of 8.8 and network-accessible attack vector requiring only user interaction, this represents a critical threat to publicly exposed pbootCMS installations. The vulnerability's high impact on confidentiality, integrity, and availability suggests potential for large-scale exploitation if proof-of-concept code becomes available.
A vulnerability was found in PbootCMS 3.2.5. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
PbootCMS v3.2.9 contains a XSS vulnerability in admin.php?p=/Content/index/mcode/2#tab=t2. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Weak password recovery in PbootCMS up to 3.2.12 allows remote unauthenticated attackers to take over user accounts by manipulating the `checkcode`, `username`, `password`, and `email` parameters in the `retrieve` function of `apps/home/controller/MemberController.php`. The recovery mechanism fails to adequately validate or protect the verification token, enabling bypass of the intended authentication challenge during the password reset flow. A public proof-of-concept exploit explicitly titled 'Account-Takeover' is available on GitHub, elevating the realistic risk beyond the conservative base score of 6.9.
A weakness has been identified in PbootCMS up to 3.2.12. Impacted is an unknown function of the file /data/pbootcms.db of the component SQLite Database. Executing a manipulation can lead to files or directories accessible. It is possible to launch the attack remotely. Attacks of this nature are highly complex. The exploitability is considered difficult. The exploit has been made available to the public and could be used for attacks. Modifying the configuration settings is advised.
SQL Injection vulnerability in pbootCMS versions 3.2.5 and 3.2.10 that allows unauthenticated remote attackers to execute arbitrary SQL queries via crafted GET requests, potentially leading to unauthorized data disclosure, modification, or system compromise. With a CVSS score of 8.8 and network-accessible attack vector requiring only user interaction, this represents a critical threat to publicly exposed pbootCMS installations. The vulnerability's high impact on confidentiality, integrity, and availability suggests potential for large-scale exploitation if proof-of-concept code becomes available.
A vulnerability was found in PbootCMS 3.2.5. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
PbootCMS v3.2.9 contains a XSS vulnerability in admin.php?p=/Content/index/mcode/2#tab=t2. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.