← voltar
CVE-2026-4509

PbootCMS File Upload file.php incomplete blacklist

CVSS 5.3 MEDIUMEPSS 0.3%CWE-183CWE-184
A security flaw has been discovered in PbootCMS up to 3.2.12. This affects an unknown function of the file core/function/file.php of the component File Upload. The manipulation of the argument black results in incomplete blacklist. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
Produtos afetados
n/a · PbootCMS

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/zzj-create/cvetest/blob/main/VULN-04_DANGEROUS_FILE_UPLOAD_REPORT_EN.mdhttps://vuldb.com/?ctiid.352075https://vuldb.com/?id.352075https://vuldb.com/?submit.773901