First published: Thu Dec 06 2018(Updated: )
SearchController.php in PbootCMS 1.2.1 has SQL injection via the index.php/Search/index.html query string.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Pbootcms Pbootcms | =1.2.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-19893 is a vulnerability in PbootCMS 1.2.1 that allows SQL injection via the query string in index.php/Search/index.html.
CVE-2018-19893 has a severity rating of 9.8, which is considered critical.
CVE-2018-19893 affects PbootCMS version 1.2.1 and allows SQL injection through the query string in index.php/Search/index.html.
To fix CVE-2018-19893, update PbootCMS to a version that is not affected by this vulnerability.
You can find more information about CVE-2018-19893 at the following link: https://github.com/Pbootcms/Pbootcms/issues/3