CVE Catalog
CVE-2026-36239
MediumCVSS 4.3Exploitation Probability (EPSS)
Low risk0.25%
16th percentile - higher than 16% of all known CVEs
Summary
PbootCMS version 3.2.11 contains a code injection vulnerability in its site configuration functionality. An attacker can exploit this flaw to execute arbitrary code remotely.
Risk Assessment
The risk for the organization includes potential server takeover, data theft, or website content modification. This vulnerability can lead to a complete compromise of system security.
Recommendation
It is recommended to immediately update PbootCMS to the latest version that fixes this vulnerability. Additionally, restrict access to the admin panel to trusted users only.
Original NVD description (English source)
PbootCMS v.3.2.11 contains a code injection vulnerability in its site configuration functionality

