vQAQv/Request-CVE-ID-PoC

Releases0

Stars1

Request CVE ID PoC

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2018-10132 ↗	Apr 16, 2018Monday, 16 April 2018, 15:29	—	6.8 MEDIUM
PbootCMS v0.9.8 has CSRF via an admin.php/Message/mod/id/19.html?backurl=/index.php request, resulting in PHP code injection in the recontent parameter.
CVE-2018-10133 ↗	Apr 16, 2018Monday, 16 April 2018, 15:29	—	7.5 HIGH
PbootCMS v0.9.8 allows PHP code injection via an IF label in index.php/About/6.html or admin.php/Site/index.html, related to the parserIfLabel function in \apps\home\controller\ParserController.php.