Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
PbootCMS File Upload Flaw Allows Remote Attackers to Upload Files
CVE-2026-4509
Summary
PbootCMS versions up to 3.2.12 contain a security flaw in their file upload system. This means that a hacker could potentially upload malicious files to your website, which could lead to unauthorized access or damage. Update to the latest version of PbootCMS as soon as possible to fix this vulnerability.
Original title
A security flaw has been discovered in PbootCMS up to 3.2.12. This affects an unknown function of the file core/function/file.php of the component File Upload. The manipulation of the argument blac...
Original description
A security flaw has been discovered in PbootCMS up to 3.2.12. This affects an unknown function of the file core/function/file.php of the component File Upload. The manipulation of the argument black results in incomplete blacklist. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks.
nvd CVSS2.0
6.5
nvd CVSS3.1
6.3
nvd CVSS4.0
5.3
Vulnerability type
CWE-183
CWE-184
Published: 21 Mar 2026 · Updated: 21 Mar 2026 · First seen: 21 Mar 2026