CVE Catalog

CVE-2026-36239

MediumCVSS 4.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.25%

16th percentile - higher than 16% of all known CVEs

Summary

PbootCMS version 3.2.11 contains a code injection vulnerability in its site configuration functionality. An attacker can exploit this flaw to execute arbitrary code remotely.

Risk Assessment

The risk for the organization includes potential server takeover, data theft, or website content modification. This vulnerability can lead to a complete compromise of system security.

Recommendation

It is recommended to immediately update PbootCMS to the latest version that fixes this vulnerability. Additionally, restrict access to the admin panel to trusted users only.

Original NVD description (English source)

PbootCMS v.3.2.11 contains a code injection vulnerability in its site configuration functionality

Vulnerability data from NVD (NIST) · CISA KEV · EPSS