Fkzhangsao

**Name of the Vulnerable Software and Affected Versions** PbootCMS version 2.0.6 **Description** The issue is related to an Incorrect Access Control vulnerability. It can be exploited via the `list` parameter in the `update` function in `upgradecontroller.php`. **Recommendations** For PbootCMS version 2.0.6, consider restricting access to the `update` function in `upgradecontroller.php` to minimize the risk of exploitation. Avoid using the `list` parameter in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.