SQL Injection Vulnerability in PbootCMS 3.0.4 via index.php Search Parameter

SQL Injection Vulnerability in PbootCMS 3.0.4 via index.php Search Parameter

CVE-2021-28245 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

PbootCMS 3.0.4 contains a SQL injection vulnerability through index.php via the search parameter that can reveal sensitive information through adding an admin account.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.