cnvd - cnvd-2025-01710

cnvd-2025-01710

Vulnerability from cnvd

Title: PbootCMS代码注入漏洞（CNVD-2025-0171060）

Description:

PbootCMS是PbootCMS开源的一款使用PHP语言开发的开源企业建站内容管理系统（CMS）。

PbootCMS 3.2.3版本及之前版本存在代码注入漏洞，该漏洞源于apps/home/controller/IndexController.php页面的tag参数未能正确过滤构造代码段的特殊元素。攻击者可利用该漏洞导致任意代码执行。

Severity: 中

Formal description:

厂商尚未提供漏洞修复方案，请关注厂商主页更新： https://gist.github.com/J1rrY-learn/8e52bf055fd1806ada81ae1ff25dd817

Reference: https://nvd.nist.gov/vuln/detail/CVE-2024-12789

Impacted products

Name
PbootCMS PbootCMS <3.2.4

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2024-12789",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2024-12789"
    }
  },
  "description": "PbootCMS\u662fPbootCMS\u5f00\u6e90\u7684\u4e00\u6b3e\u4f7f\u7528PHP\u8bed\u8a00\u5f00\u53d1\u7684\u5f00\u6e90\u4f01\u4e1a\u5efa\u7ad9\u5185\u5bb9\u7ba1\u7406\u7cfb\u7edf\uff08CMS\uff09\u3002\n\nPbootCMS 3.2.3\u7248\u672c\u53ca\u4e4b\u524d\u7248\u672c\u5b58\u5728\u4ee3\u7801\u6ce8\u5165\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8eapps/home/controller/IndexController.php\u9875\u9762\u7684tag\u53c2\u6570\u672a\u80fd\u6b63\u786e\u8fc7\u6ee4\u6784\u9020\u4ee3\u7801\u6bb5\u7684\u7279\u6b8a\u5143\u7d20\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u4efb\u610f\u4ee3\u7801\u6267\u884c\u3002",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u590d\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u66f4\u65b0\uff1a\r\nhttps://gist.github.com/J1rrY-learn/8e52bf055fd1806ada81ae1ff25dd817",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2025-01710",
  "openTime": "2025-01-14",
  "products": {
    "product": "PbootCMS PbootCMS \u003c3.2.4"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2024-12789",
  "serverity": "\u4e2d",
  "submitTime": "2024-12-25",
  "title": "PbootCMS\u4ee3\u7801\u6ce8\u5165\u6f0f\u6d1e\uff08CNVD-2025-0171060\uff09"
}

CVE-2024-12789 (GCVE-0-2024-12789)

Vulnerability from cvelistv5

Published

2024-12-19 16:31

Modified

2024-12-20 17:19

Severity ?

5.3 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
6.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CWE

CWE-94 - Code Injection
CWE-74 - Injection

Summary

A vulnerability was found in PbootCMS up to 3.2.3. It has been classified as critical. This affects an unknown part of the file apps/home/controller/IndexController.php. The manipulation of the argument tag leads to code injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.2.4 is able to address this issue. It is recommended to upgrade the affected component.

References

▼	URL	Tags
	https://vuldb.com/?id.288969	vdb-entry, technical-description
	https://vuldb.com/?ctiid.288969	signature, permissions-required
	https://vuldb.com/?submit.465122	third-party-advisory
	https://gist.github.com/J1rrY-learn/8e52bf055fd1806ada81ae1ff25dd817	broken-link, exploit

Impacted products

	Vendor	Product	Version
	n/a	PbootCMS	Version: 3.2.0 Version: 3.2.1 Version: 3.2.2 Version: 3.2.3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-12789",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-20T17:18:23.107474Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-20T17:19:50.397Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PbootCMS",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "3.2.0"
            },
            {
              "status": "affected",
              "version": "3.2.1"
            },
            {
              "status": "affected",
              "version": "3.2.2"
            },
            {
              "status": "affected",
              "version": "3.2.3"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "J1rrY (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in PbootCMS up to 3.2.3. It has been classified as critical. This affects an unknown part of the file apps/home/controller/IndexController.php. The manipulation of the argument tag leads to code injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.2.4 is able to address this issue. It is recommended to upgrade the affected component."
        },
        {
          "lang": "de",
          "value": "Es wurde eine Schwachstelle in PbootCMS bis 3.2.3 ausgemacht. Sie wurde als kritisch eingestuft. Betroffen hiervon ist ein unbekannter Ablauf der Datei apps/home/controller/IndexController.php. Durch Beeinflussen des Arguments tag mit unbekannten Daten kann eine code injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Ein Aktualisieren auf die Version 3.2.4 vermag dieses Problem zu l\u00f6sen. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 6.5,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-94",
              "description": "Code Injection",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-74",
              "description": "Injection",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-19T16:31:06.205Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-288969 | PbootCMS IndexController.php code injection",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.288969"
        },
        {
          "name": "VDB-288969 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.288969"
        },
        {
          "name": "Submit #465122 | Hangzhou Aoyun Technology Co. Pbootcms enterprise website development and construction management system \u003c3.2.4 Arbitrary code execution",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.465122"
        },
        {
          "tags": [
            "broken-link",
            "exploit"
          ],
          "url": "https://gist.github.com/J1rrY-learn/8e52bf055fd1806ada81ae1ff25dd817"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-12-19T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2024-12-19T01:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2024-12-19T09:41:59.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "PbootCMS IndexController.php code injection"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2024-12789",
    "datePublished": "2024-12-19T16:31:06.205Z",
    "dateReserved": "2024-12-19T08:36:52.650Z",
    "dateUpdated": "2024-12-20T17:19:50.397Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted